CVE-2024-41060

Severity: MEDIUM · CVSS 3.1: 5.5 · EPSS: 14.8%
Published Jul 29, 2024 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/radeon: check bo_va->bo is non-NULL before using it

The call to radeon_vm_clear_freed might clear bo_va->bo, so we have to check it before dereferencing it.

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability: 14.8% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-476: NULL Pointer Dereference (Memory Safety)

Affected Products 10

Vendor  Product       Version  Range
linux   linux_kernel  *        <5.15.164
linux   linux_kernel  *        ≥5.16 – <6.1.101
linux   linux_kernel  *        ≥6.2 – <6.6.42
linux   linux_kernel  *        ≥6.7 – <6.9.11
linux   linux_kernel  6.10     any
linux   linux_kernel  6.10     any
linux   linux_kernel  6.10     any
linux   linux_kernel  6.10     any
linux   linux_kernel  6.10     any
linux   linux_kernel  6.10     any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/6fb15dcbcf4f212930350eaee174bb60ed40a536
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a500b3a5f0a58c6f99039091fbd715f64f2f8af
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2b201f83971df03c8e81a480b2f2846ae8ce1a3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9100f17428cb733c4f6fbb132d98bed76318342
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e8d3c53c6f1cccea9c03113f06dd39521c228831
  • git.kernel.org https://git.kernel.org/stable/c/f13c96e0e325a057c03f8a47734adb360e112efe
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/6fb15dcbcf4f212930350eaee174bb60ed40a536
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a500b3a5f0a58c6f99039091fbd715f64f2f8af
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2b201f83971df03c8e81a480b2f2846ae8ce1a3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a9100f17428cb733c4f6fbb132d98bed76318342
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f13c96e0e325a057c03f8a47734adb360e112efe
    Patch