Lucene search

GoogleOSV:CVE-2024-42123

HistoryJul 30, 2024 - 8:15 a.m.

CVE-2024-42123

2024-07-3008:15:04

Google

osv.dev

linux kernel

vulnerability

fix

amdgpu

driver

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

JSON

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: fix double free err_addr pointer warnings

In amdgpu_umc_bad_page_polling_timeout, the amdgpu_umc_handle_bad_pages
will be run many times so that double free err_addr in some special case.
So set the err_addr to NULL to avoid the warnings.

References

git.kernel.org/stable/c/506c245f3f1cd989cb89811a7f06e04ff8813a0d

git.kernel.org/stable/c/8e24beb3c2b08a4763f920399a9cc577ed440a1a

security-tracker.debian.org/tracker/CVE-2024-42123

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

JSON

Related for OSV:CVE-2024-42123