7.8

CVE-2024-49984

drm/v3d: Prevent out of bounds access in performance query extensions

In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Prevent out of bounds access in performance query extensions

Check that the number of perfmons userspace is passing in the copy and
reset extensions is not greater than the internal kernel storage where
the ids will be copied into.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.8 < 6.10.4
LinuxLinux Kernel Version >= 6.10.5 < 6.10.14
LinuxLinux Kernel Version >= 6.11 < 6.11.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.15
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2
Patch
https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e
Patch
https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb
Patch