CVE-2024-42065

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 29, 2024

Updated: Jul 30, 2024

CWE ID 476

Summary

CVE-2024-42065 is a recently identified vulnerability affecting the Linux kernel. This issue involves a null pointer error in the drm/xe module, specifically in the function xe_ttm_stolen_mgr_init. The error arises when the mgr variable is not checked for nullity before being used, potentially leading to a kernel panic or even system compromise. The vulnerability has been resolved through the addition of a NULL check and an explicit mgr validation step in the function initialization process.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xUVkE4
https://www.cve.org/CVERecord?id=CVE-2024-42065
https://nvd.nist.gov/vuln/detail/CVE-2024-42065

Back to Vulnerability Database

CVE-2024-42065

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations