CVE-2024-36960
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix invalid reads in fence signaled events
Correctly set the length of the drm_event to the size of the structure that's actually used.
The length of the drm_event was set to the parent structure instead of to the drm_vmw_event_fence which is supposed to be read. drm_read uses the length parameter to copy the event to the user space thus resuling in oob reads.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < 2f527e3efd37c7c5e85e8aa86308856b619fa59f | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < cef0962f2d3e5fd0660c8efb72321083a1b531a9 | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < 3cd682357c6167f636aec8ac0efaa8ba61144d36 | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < b7bab33c4623c66e3398d5253870d4e88c52dfc0 | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < 0dbfc73670b357456196130551e586345ca48e1b | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < 7b5fd3af4a250dd0a2a558e07b43478748eb5d22 | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < deab66596dfad14f1c54eeefdb72428340d72a77 | affected |
| Linux | Linux | 8b7de6aa84682a3396544fd88cd457f95484573a < a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c | affected |
| Linux | Linux | 3.4 | affected |
| Linux | Linux | 0 < 3.4 | unaffected |
| Linux | Linux | 4.19.314 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.276 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.217 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.159 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.91 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.31 <= 6.6.* | unaffected |
| Linux | Linux | 6.8.10 <= 6.8.* | unaffected |
| Linux | Linux | 6.9 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/2f527e3efd37c7c5e85e8aa86308856b619fa59f
- https://git.kernel.org/stable/c/cef0962f2d3e5fd0660c8efb72321083a1b531a9
- https://git.kernel.org/stable/c/3cd682357c6167f636aec8ac0efaa8ba61144d36
- https://git.kernel.org/stable/c/b7bab33c4623c66e3398d5253870d4e88c52dfc0
- https://git.kernel.org/stable/c/0dbfc73670b357456196130551e586345ca48e1b
- https://git.kernel.org/stable/c/7b5fd3af4a250dd0a2a558e07b43478748eb5d22
- https://git.kernel.org/stable/c/deab66596dfad14f1c54eeefdb72428340d72a77
- https://git.kernel.org/stable/c/a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
References
- https://git.kernel.org/stable/c/2f527e3efd37c7c5e85e8aa86308856b619fa59f
- https://git.kernel.org/stable/c/cef0962f2d3e5fd0660c8efb72321083a1b531a9
- https://git.kernel.org/stable/c/3cd682357c6167f636aec8ac0efaa8ba61144d36
- https://git.kernel.org/stable/c/b7bab33c4623c66e3398d5253870d4e88c52dfc0
- https://git.kernel.org/stable/c/0dbfc73670b357456196130551e586345ca48e1b
- https://git.kernel.org/stable/c/7b5fd3af4a250dd0a2a558e07b43478748eb5d22
- https://git.kernel.org/stable/c/deab66596dfad14f1c54eeefdb72428340d72a77
- https://git.kernel.org/stable/c/a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.