CVE-2024-50189

In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in probe() error path. Additionally, this device-managed ensures proper cleanup, which helps to resolve memory errors, page faults, btrfs going read-only, and btrfs disk corruption.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1c3b4c90479aa0375ec98fe1a802993ff96a5f47	Patch
https://git.kernel.org/stable/c/4cd9c5a0fcadc39a05c978a01e15e0d1edc4be93	Patch
https://git.kernel.org/stable/c/8c6ad37e5882073cab84901a31da9cb22f316276	Patch
https://git.kernel.org/stable/c/9dfee956f53eea96d93ef1e13ab4ce020f4c58b3	Patch
https://git.kernel.org/stable/c/c56f9ecb7fb6a3a90079c19eb4c8daf3bbf514b3	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::

History

27 Nov 2024, 16:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:o:linux:linux_kernel:6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux linux Kernel Linux
References	~~() https://git.kernel.org/stable/c/1c3b4c90479aa0375ec98fe1a802993ff96a5f47 -~~	() https://git.kernel.org/stable/c/1c3b4c90479aa0375ec98fe1a802993ff96a5f47 - Patch
References	~~() https://git.kernel.org/stable/c/4cd9c5a0fcadc39a05c978a01e15e0d1edc4be93 -~~	() https://git.kernel.org/stable/c/4cd9c5a0fcadc39a05c978a01e15e0d1edc4be93 - Patch
References	~~() https://git.kernel.org/stable/c/8c6ad37e5882073cab84901a31da9cb22f316276 -~~	() https://git.kernel.org/stable/c/8c6ad37e5882073cab84901a31da9cb22f316276 - Patch
References	~~() https://git.kernel.org/stable/c/9dfee956f53eea96d93ef1e13ab4ce020f4c58b3 -~~	() https://git.kernel.org/stable/c/9dfee956f53eea96d93ef1e13ab4ce020f4c58b3 - Patch
References	~~() https://git.kernel.org/stable/c/c56f9ecb7fb6a3a90079c19eb4c8daf3bbf514b3 -~~	() https://git.kernel.org/stable/c/c56f9ecb7fb6a3a90079c19eb4c8daf3bbf514b3 - Patch

08 Nov 2024, 19:01

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: amd_sfh: Cambiar a la versión administrada por el dispositivo dmam_alloc_coherent() El uso de la versión administrada por el dispositivo permite simplificar la limpieza en la ruta de error de probe(). Además, esta versión administrada por el dispositivo garantiza una desinfección adecuada, lo que ayuda a resolver errores de memoria, fallas de página, btrfs que pasa a ser de solo lectura y corrupción de disco de btrfs.

08 Nov 2024, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-08 06:15

Updated : 2024-11-27 16:16

NVD link : CVE-2024-50189

Mitre link : CVE-2024-50189

CVE.ORG link : CVE-2024-50189

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10