4.7
CVE-2024-50174
- EPSS 0.02%
- Published 08.11.2024 06:15:14
- Last modified 01.10.2025 21:15:58
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Open
LoginIn the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However there is still a race between retrieving the pointer from the XArray and incrementing the reference count. To avoid this race simply hold the internal XArray lock when incrementing the reference count, this ensures there cannot be a racing call to xa_erase().
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.10 < 6.10.14
Linux ≫ Linux Kernel Version >= 6.11 < 6.11.3
Linux ≫ Linux Kernel Version6.12 Updaterc1
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.045 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.