CVE-2024-43849

MEDIUM EPSS 6.0%
Published Aug 17, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 17, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: protect locator_addr with the main mutex If the service locator server is restarted fast enough, the PDR can rewrite locator_addr fields concurrently. Protect them by placing modification of those fields under the main pdr->lock.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity High
Availability None

Threat Intelligence

EPSS Exploit Probability
6.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥5.7  –  <6.1.103
linuxlinux_kernel*≥6.2  –  <6.6.44
linuxlinux_kernel*≥6.7  –  <6.10.3

References 8

  • git.kernel.org https://git.kernel.org/stable/c/107924c14e3ddd85119ca43c26a4ee1056fa9b84
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e815626d73e05152a8142f6e44aecc4133e6e08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/475a77fb3f0e1d527f56c60b79f5879661df5b80
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8543269567e2fb3d976a8255c5e348aed14f98bc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0870c4847e77a49c2f91bb2a8e0fa3c1f8dea5c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eab05737ee22216250fe20d27f5a596da5ea6eb7
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/107924c14e3ddd85119ca43c26a4ee1056fa9b84
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e815626d73e05152a8142f6e44aecc4133e6e08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/475a77fb3f0e1d527f56c60b79f5879661df5b80
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8543269567e2fb3d976a8255c5e348aed14f98bc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0870c4847e77a49c2f91bb2a8e0fa3c1f8dea5c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eab05737ee22216250fe20d27f5a596da5ea6eb7
    Patch