7.8

CVE-2024-49984

EPSS 0.05%
Veröffentlicht 21.10.2024 18:15:18
Zuletzt bearbeitet 27.12.2024 13:15:20
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

drm/v3d: Prevent out of bounds access in performance query extensions

In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Prevent out of bounds access in performance query extensions

Check that the number of perfmons userspace is passing in the copy and
reset extensions is not greater than the internal kernel storage where
the ids will be copied into.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 3 VulnDex Vulnerability Enrichment 3

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8 < 6.10.4

Linux ≫ Linux Kernel Version >= 6.10.5 < 6.10.14

Linux ≫ Linux Kernel Version >= 6.11 < 6.11.3

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.134

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2

Patch

https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e

Patch

https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-49984

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-49984

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-49984

EUVD