CVE-2024-39497

EPSS 0.01%
Published 12.07.2024 13:15:12
Last modified 17.09.2025 16:15:42
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)

Lack of check for copy-on-write (COW) mapping in drm_gem_shmem_mmap
allows users to call mmap with PROT_WRITE and MAP_PRIVATE flag
causing a kernel panic due to BUG_ON in vmf_insert_pfn_prot:
BUG_ON((vma->vm_flags & VM_PFNMAP) && is_cow_mapping(vma->vm_flags));

Return -EINVAL early if COW mapping is detected.

This bug affects all drm drivers using default shmem helpers.
It can be reproduced by this simple example:
void *ptr = mmap(0, size, PROT_WRITE, MAP_PRIVATE, fd, mmap_offset);
ptr[0] = 0;

Affected products Warnungen 0 Metrics 2 CWE 1 References 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.2 < 5.10.229

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.169

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.114

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.35

Linux ≫ Linux Kernel Version >= 6.7 < 6.9.6

Linux ≫ Linux Kernel Version6.10 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.002

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://git.kernel.org/stable/c/03c71c42809ef4b17f5d874cdb2d3bf40e847b86

Patch

https://git.kernel.org/stable/c/1b4a8b89bf6787090b56424d269bf84ba00c3263

Patch

https://git.kernel.org/stable/c/2219e5f97244b79c276751a1167615b9714db1b0

Patch

https://git.kernel.org/stable/c/39bc27bd688066a63e56f7f64ad34fae03fbe3b8

Patch

https://git.kernel.org/stable/c/3ae63a8c1685e16958560ec08d30defdc5b9cca0

Patch

https://git.kernel.org/stable/c/a508a102edf8735adc9bb73d37dd13c38d1a1b10

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-39497

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-39497

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-39497

EUVD