CVE-2024-43867
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: prime: fix refcount underflow
Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow.
Instead of calling nouveau_bo_ref() in the unwind path of drm_gem_object_init(), clean things up manually.
(cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 3bcb8bba72ce89667fa863054956267c450c47ef | affected |
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 906372e753c5027a1dc88743843b6aa2ad1aaecf | affected |
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 16998763c62bb465ebc409d0373b9cdcef1a61a6 | affected |
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < ebebba4d357b6c67f96776a48ddbaf0060fa4c10 | affected |
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < f23cd66933fe76b84d8e282e5606b4d99068c320 | affected |
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < 2a1b327d57a8ac080977633a18999f032d7e9e3f | affected |
| Linux | Linux | ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6 < a9bf3efc33f1fbf88787a277f7349459283c9b95 | affected |
| Linux | Linux | 3.9 | affected |
| Linux | Linux | 0 < 3.9 | unaffected |
| Linux | Linux | 5.4.282 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.224 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.165 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.104 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.45 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.4 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
References
- https://git.kernel.org/stable/c/3bcb8bba72ce89667fa863054956267c450c47ef
- https://git.kernel.org/stable/c/906372e753c5027a1dc88743843b6aa2ad1aaecf
- https://git.kernel.org/stable/c/16998763c62bb465ebc409d0373b9cdcef1a61a6
- https://git.kernel.org/stable/c/ebebba4d357b6c67f96776a48ddbaf0060fa4c10
- https://git.kernel.org/stable/c/f23cd66933fe76b84d8e282e5606b4d99068c320
- https://git.kernel.org/stable/c/2a1b327d57a8ac080977633a18999f032d7e9e3f
- https://git.kernel.org/stable/c/a9bf3efc33f1fbf88787a277f7349459283c9b95
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.