SB2024102160 - Memory leak in Linux kernel drm v3d driver
Published: October 21, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024102160
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2024-49984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v3d_get_cpu_reset_performance_params() and v3d_get_cpu_copy_performance_query_params() functions in drivers/gpu/drm/v3d/v3d_submit.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/73ad583bd4938bf37d2709fc36901eb6f22f2722
- https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2
- https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e
- https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.14
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.3
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12