CVE-2024-42262

MEDIUM EPSS 9.5%
Published Aug 17, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. (cherry picked from commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501)

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
9.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.8  –  <6.10.4
linuxlinux_kernel6.11any

References 2

  • git.kernel.org https://git.kernel.org/stable/c/32df4abc44f24dbec239d43e2b26d5768c5d1a78
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad5fdc48f7a63b8a98493c667505fe4d3864ae21
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/32df4abc44f24dbec239d43e2b26d5768c5d1a78
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ad5fdc48f7a63b8a98493c667505fe4d3864ae21
    Patch