CVE-2024-26922

MEDIUM

Linux Kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.

References (13)

[Patch] https://git.kernel.org/stable/c/1fd7db5c16028dc07b2ceec190f2e895dddb532d

[Patch] https://git.kernel.org/stable/c/212e3baccdb1939606420d88f7f52d346b49a284

[Patch] https://git.kernel.org/stable/c/6fef2d4c00b5b8561ad68dd2b68173f5c6af1e75

[Patch] https://git.kernel.org/stable/c/8b12fc7b032633539acdf7864888b0ebd49e90f2

[Patch] https://git.kernel.org/stable/c/b1f04b9b1c5317f562a455384c5f7473e46bdbaa

[Patch] https://git.kernel.org/stable/c/d4da6b084f1c5625937d49bb6722c5b4aef11b8d

[Patch] https://git.kernel.org/stable/c/ef13eeca7c79136bc38e21eb67322c1cbd5c40ee

[Patch] https://git.kernel.org/stable/c/f68039375d4d6d67303674c0ab2d06b7295c0ec9

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

[Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

[Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/

[Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/

[Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

Status published

Affected Products (16)

linux/linux_kernel < 4.19.313

linux/linux_kernel

debian/debian_linux

fedoraproject/fedora

linux/Kernel < 4.19.313linux

linux/Kernel < 5.4.275linux

linux/Kernel < 5.10.216linux

linux/Kernel < 5.15.157linux

linux/Kernel < 6.1.88linux

linux/Kernel < 6.6.29linux

... and 1 more

Timeline

Published Apr 23, 2024

Tracked Since Feb 18, 2026