CVE-2024-49862

Severity: High
CVSS 3.1: 7.1
EPSS: 13.5%
Published: Oct 21, 2024
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

powercap: intel_rapl: Fix off by one in get_rpi()

The rp->priv->rpi array is either rpi_msr or rpi_tpmi which have NR_RAPL_PRIMITIVES number of elements. Thus the > needs to be >= to prevent an off by one access.
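The bounds check described above, as an added example that is not the kernel's source: a simplified C model in which NR_RAPL_PRIMITIVES is a constructed value of 8, rpi_table stands in for rpi_msr / rpi_tpmi, and the names index_ok_before, index_ok_after, get_rpi_fixed and count_oob_accepted are hypothetical. It compares the two comparisons over a range of indices without performing the out-of-bounds access.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed value: only the element count matters for the bounds check. */
enum { NR_RAPL_PRIMITIVES = 8 };

/* Simplified stand-in for the kernel's per-primitive descriptor. */
struct rapl_primitive_info { int id; };

/* Stands in for rpi_msr / rpi_tpmi: valid indices are 0 .. NR_RAPL_PRIMITIVES - 1. */
static struct rapl_primitive_info rpi_table[NR_RAPL_PRIMITIVES];

/* Check as described before the fix: '>' lets prim == NR_RAPL_PRIMITIVES through. */
static int index_ok_before(int prim)
{
    return !(prim < 0 || prim > NR_RAPL_PRIMITIVES);
}

/* Check after the fix: '>=' rejects the one-past-the-end index. */
static int index_ok_after(int prim)
{
    return !(prim < 0 || prim >= NR_RAPL_PRIMITIVES);
}

/* Hardened lookup (hypothetical signature): NULL for any index outside the array. */
static struct rapl_primitive_info *get_rpi_fixed(struct rapl_primitive_info *rpi, int prim)
{
    if (!rpi || !index_ok_after(prim))
        return NULL;
    return &rpi[prim];
}

/* Count indices a check accepts even though they lie outside rpi_table. */
static int count_oob_accepted(int (*check)(int))
{
    int n = 0;
    for (int prim = -2; prim <= NR_RAPL_PRIMITIVES + 2; prim++)
        if (check(prim) && (prim < 0 || prim >= NR_RAPL_PRIMITIVES))
            n++;
    return n;
}

int main(void)
{
    printf("out-of-bounds indices accepted before fix: %d\n", count_oob_accepted(index_ok_before));
    printf("out-of-bounds indices accepted after fix:  %d\n", count_oob_accepted(index_ok_after));
    return 0;
}
```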

CVSS Details

Base Score 7.1
Exploitability 1.8
Impact 5.2
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
13.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-193

Affected Products 3

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.5 – <6.6.54
linux    linux_kernel   *         ≥6.7 – <6.10.13
linux    linux_kernel   *         ≥6.11 – <6.11.2

References 4

  • git.kernel.org https://git.kernel.org/stable/c/288cbc505e2046638c615c36357cb78bc9fee1e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6a34f3b0d7f11fb6ed72da315fd2360abd9c0737
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/851e7f7f14a15f4e47b7d0f70d5c4a2b95b824d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/95f6580352a7225e619551febb83595bcb77ab17
    Patch
