CVE-2024-49984

HIGH

Linux Kernel 6.8-6.10.3, 6.11.0-6.11.2, 6.12 - Out-of-bounds Write in V3D Performance Query Extensions

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2

Patch

https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e

Patch

https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb

Scores

CVSS v3 7.8

EPSS 0.0024

EPSS Percentile 15.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (11)

linux/Kernel 6.11.0 - 6.11.3linux

linux/Kernel 6.8.0 - 6.10.14linux

Linux/Linux < 6.8

Linux/Linux 6.10.14 - 6.10.*

Linux/Linux 6.11.3 - 6.11.*

Linux/Linux 6.12

Linux/Linux 6.8

Linux/Linux bae7cb5d68001a8d4ceec5964dda74bb9aab7220 - 3e50d72abe50204c7b19784a66e86da29dde32c2

Linux/Linux bae7cb5d68001a8d4ceec5964dda74bb9aab7220 - d9536f16be3970c170571efa707c13cd089c774e

Linux/Linux bae7cb5d68001a8d4ceec5964dda74bb9aab7220 - f32b5128d2c440368b5bf3a7a356823e235caabb

... and 1 more

Published Oct 21, 2024

Tracked Since Feb 18, 2026