CVE-2024-50214

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-50214
In the Linux kernel, the following vulnerability has been resolved: drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic() modprobe drm_connector_test and then rmmod drm_connector_test, the following memory leak occurs. The `mode` allocated in drm_mode_duplicate() called by drm_display_mode_from_cea_vic() is not freed, which cause the memory leak: unreferenced object 0xffffff80cb0ee400 (size 128): comm "kunit_try_catch", pid 1948, jiffies 4294950339 hex dump (first 32 bytes): 14 44 02 00 80 07 d8 07 04 08 98 08 00 00 38 04 .D............8. 3c 04 41 04 65 04 00 00 05 00 00 00 00 00 00 00 <.A.e........... backtrace (crc 90e9585c): [<00000000ec42e3d7>] kmemleak_alloc+0x34/0x40 [<00000000d0ef055a>] __kmalloc_cache_noprof+0x26c/0x2f4 [<00000000c2062161>] drm_mode_duplicate+0x44/0x19c [<00000000f96c74aa>] drm_display_mode_from_cea_vic+0x88/0x98 [<00000000d8f2c8b4>] 0xffffffdc982a4868 [<000000005d164dbc>] kunit_try_run_case+0x13c/0x3ac [<000000006fb23398>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000006ea56ca0>] kthread+0x2e8/0x374 [<000000000676063f>] ret_from_fork+0x10/0x20 ...... Free `mode` by using drm_kunit_display_mode_from_cea_vic() to fix it.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/926163342a2e7595d950e84c17c693b1272bd491 Patch
https://git.kernel.org/stable/c/df2b00685cd33cd85be8910c7d6d22c4ebbf18bb Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*
History

13 Nov 2024, 17:25

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
First Time Linux linux Kernel
Linux
CWE CWE-401
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
References () https://git.kernel.org/stable/c/926163342a2e7595d950e84c17c693b1272bd491 - () https://git.kernel.org/stable/c/926163342a2e7595d950e84c17c693b1272bd491 - Patch
References () https://git.kernel.org/stable/c/df2b00685cd33cd85be8910c7d6d22c4ebbf18bb - () https://git.kernel.org/stable/c/df2b00685cd33cd85be8910c7d6d22c4ebbf18bb - Patch

12 Nov 2024, 13:56

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/connector: hdmi: Se corrige la pérdida de memoria en drm_display_mode_from_cea_vic() modprobe drm_connector_test y luego rmmod drm_connector_test, se produce la siguiente pérdida de memoria. El `modo` asignado en drm_mode_duplicate() llamado por drm_display_mode_from_cea_vic() no se libera, lo que causa la pérdida de memoria: objeto sin referencia 0xffffff80cb0ee400 (tamaño 128): comm "kunit_try_catch", pid 1948, jiffies 4294950339 volcado hexadecimal (primeros 32 bytes): 14 44 02 00 80 07 d8 07 04 08 98 08 00 00 38 04 .D............8. 3c 04 41 04 65 04 00 00 05 00 00 00 00 00 00 00 &lt;.Ae.......... seguimiento inverso (crc 90e9585c): [&lt;00000000ec42e3d7&gt;] kmemleak_alloc+0x34/0x40 [&lt;00000000d0ef055a&gt;] __kmalloc_cache_noprof+0x26c/0x2f4 [&lt;00000000c2062161&gt;] drm_mode_duplicate+0x44/0x19c [&lt;00000000f96c74aa&gt;] drm_display_mode_from_cea_vic+0x88/0x98 [&lt;00000000d8f2c8b4&gt;] 0xffffffdc982a4868 [&lt;000000005d164dbc&gt;] kunit_try_run_case+0x13c/0x3ac [&lt;000000006fb23398&gt;] kunit_generic_run_threadfn_adapter+0x80/0xec [&lt;000000006ea56ca0&gt;] kthread+0x2e8/0x374 [&lt;000000000676063f&gt;] ret_from_fork+0x10/0x20 ...... Libere el `modo` usando drm_kunit_display_mode_from_cea_vic() para solucionarlo.

09 Nov 2024, 11:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-09 11:15

Updated : 2024-11-13 17:25

NVD link : CVE-2024-50214

Mitre link : CVE-2024-50214

CVE.ORG link : CVE-2024-50214

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-401

Missing Release of Memory after Effective Lifetime


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024