CVE-2024-50173

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup()

The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev object from the scheduler instead.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd72f049087d4f973f6332b599c92177e718107de < ac2ca5e5148a0d4d78ac01c2d8348d0757c7367faffected
LinuxLinuxd72f049087d4f973f6332b599c92177e718107de < 3bde05794497d5f426d4ea2ecb9868bf7721fb24affected
LinuxLinuxd72f049087d4f973f6332b599c92177e718107de < 282864cc5d3f144af0cdea1868ee2dc2c5110f0daffected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.10.14 <= 6.10.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References