CVE-2024-49984

HIGH EPSS 15.2%
Published Oct 21, 20241y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
15.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥6.8  –  <6.10.4
linuxlinux_kernel*≥6.10.5  –  <6.10.14
linuxlinux_kernel*≥6.11  –  <6.11.3

References 3

  • git.kernel.org https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb
    Patch