5.5

CVE-2024-42263

EPSS 0.01%
Veröffentlicht 17.08.2024 09:15:07
Zuletzt bearbeitet 19.08.2024 20:41:11
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Fix potential memory leak in the timestamp extension

If fetching of userspace memory fails during the main loop, all drm sync
objs looked up until that point will be leaked because of the missing
drm_syncobj_put.

Fix it by exporting and using a common cleanup helper.

(cherry picked from commit 753ce4fea62182c77e1691ab4f9022008f25b62e)

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8 < 6.10.4

Linux ≫ Linux Kernel Version6.11 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.009

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://git.kernel.org/stable/c/0e50fcc20bd87584840266e8004f9064a8985b4f

Patch

https://git.kernel.org/stable/c/9b5033ee2c5af6d1135a403df32d219ab57e55f9

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-42263

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-42263

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-42263

EUVD