CVE-2024-50282

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a possible buffer overflow if size is larger than 4K. (cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434)

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f	Patch
https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892b1d24e3	Patch
https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29	Patch
https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc6::::::

History

24 Jan 2025, 16:15

Type	Values Removed	Values Added
References	~~{'url': 'https://git.kernel.org/stable/c/17f5f18085acb5e9d8d13d84a4e12bb3aff2bd64', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/25d7e84343e1235b667cf5226c3934fdf36f0df6', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/7ccd781794d247589104a791caab491e21218fba', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~ ~~{'url': 'https://git.kernel.org/stable/c/aaf6160a4b7f9ee3cd91aa5b3251f5dbe2170f42', 'tags': ['Patch'], 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}~~

21 Nov 2024, 21:14

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.12:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
First Time		Linux linux Kernel Linux
CWE		CWE-120
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
References	~~() https://git.kernel.org/stable/c/17f5f18085acb5e9d8d13d84a4e12bb3aff2bd64 -~~	() https://git.kernel.org/stable/c/17f5f18085acb5e9d8d13d84a4e12bb3aff2bd64 - Patch
References	~~() https://git.kernel.org/stable/c/25d7e84343e1235b667cf5226c3934fdf36f0df6 -~~	() https://git.kernel.org/stable/c/25d7e84343e1235b667cf5226c3934fdf36f0df6 - Patch
References	~~() https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f -~~	() https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f - Patch
References	~~() https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892b1d24e3 -~~	() https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892b1d24e3 - Patch
References	~~() https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29 -~~	() https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29 - Patch
References	~~() https://git.kernel.org/stable/c/7ccd781794d247589104a791caab491e21218fba -~~	() https://git.kernel.org/stable/c/7ccd781794d247589104a791caab491e21218fba - Patch
References	~~() https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a -~~	() https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a - Patch
References	~~() https://git.kernel.org/stable/c/aaf6160a4b7f9ee3cd91aa5b3251f5dbe2170f42 -~~	() https://git.kernel.org/stable/c/aaf6160a4b7f9ee3cd91aa5b3251f5dbe2170f42 - Patch

19 Nov 2024, 21:57

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: agregar comprobación de tamaño faltante en amdgpu_debugfs_gprwave_read() Evitar un posible desbordamiento de búfer si el tamaño es mayor a 4K. (seleccionado de el commit f5d873f5825b40d886d03bd2aede91d4cf002434)

19 Nov 2024, 02:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-19 02:16

Updated : 2025-02-18 16:15

NVD link : CVE-2024-50282

Mitre link : CVE-2024-50282

CVE.ORG link : CVE-2024-50282

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

7.8 /10