7.1

CVE-2024-42264

EPSS 0.01%
Published 17.08.2024 09:15:07
Last modified 06.03.2025 12:53:17
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Prevent out of bounds access in performance query extensions

Check that the number of perfmons userspace is passing in the copy and
reset extensions is not greater than the internal kernel storage where
the ids will be copied into.

(cherry picked from commit f32b5128d2c440368b5bf3a7a356823e235caabb)

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8 < 6.10.4

Linux ≫ Linux Kernel Version6.11 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.009

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/6ce9efd12ae81cf46bf44eb0348594558dfbb9d2

Patch

https://git.kernel.org/stable/c/73ad583bd4938bf37d2709fc36901eb6f22f2722

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-42264

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-42264

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-42264

EUVD