CVE-2024-26911

LOW

Linux Kernel 6.7-6.7.5 - Denial of Service via DRM Buddy Alloc Range Error Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Fix alloc_range() error handling code Few users have observed display corruption when they boot the machine to KDE Plasma or playing games. We have root caused the problem that whenever alloc_range() couldn't find the required memory blocks the function was returning SUCCESS in some of the corner cases. The right approach would be if the total allocated size is less than the required size, the function should return -ENOSPC.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/4b59c3fada06e5e8010ef7700689c71986e667a2

Patch

https://git.kernel.org/stable/c/8746c6c9dfa31d269c65dd52ab42fde0720b7d91

Scores

CVSS v3 3.3

EPSS 0.0019

EPSS Percentile 8.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-755

Status published

Products (8)

linux/Kernel 6.7.0 - 6.7.6linux

Linux/Linux < 6.7

Linux/Linux 0a1844bf0b532d84324453374ad6845f64066c28 - 4b59c3fada06e5e8010ef7700689c71986e667a2

Linux/Linux 0a1844bf0b532d84324453374ad6845f64066c28 - 8746c6c9dfa31d269c65dd52ab42fde0720b7d91

Linux/Linux 6.7

Linux/Linux 6.7.6 - 6.7.*

Linux/Linux 6.8

linux/linux_kernel 6.7.0 - 6.7.6

Published Apr 17, 2024

Tracked Since Feb 18, 2026