CVE-2024-43867

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/nouveau: prime: fix refcount underflow

Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow.

Instead of calling nouveau_bo_ref() in the unwind path of drm_gem_object_init(), clean things up manually.

(cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 3bcb8bba72ce89667fa863054956267c450c47efaffected
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 906372e753c5027a1dc88743843b6aa2ad1aaecfaffected
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 16998763c62bb465ebc409d0373b9cdcef1a61a6affected
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < ebebba4d357b6c67f96776a48ddbaf0060fa4c10affected
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < f23cd66933fe76b84d8e282e5606b4d99068c320affected
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 2a1b327d57a8ac080977633a18999f032d7e9e3faffected
LinuxLinuxab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < a9bf3efc33f1fbf88787a277f7349459283c9b95affected
LinuxLinux3.9affected
LinuxLinux0 < 3.9unaffected
LinuxLinux5.4.282 <= 5.4.*unaffected
LinuxLinux5.10.224 <= 5.10.*unaffected
LinuxLinux5.15.165 <= 5.15.*unaffected
LinuxLinux6.1.104 <= 6.1.*unaffected
LinuxLinux6.6.45 <= 6.6.*unaffected
LinuxLinux6.10.4 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References