CVE-2024-43867: linux kernel vulnerability

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in the unwind path of drm_gem_object_init(), clean things up manually. (cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)
CVE-2024-43867CVSS 5.5Linux

CVE-2024-43867: linux kernel vulnerability

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in the unwind path of drm_gem_object_init(), clean things up manually. (cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)

CVSS
5.5 MEDIUM
EPSS
11.92%
Known exploited
not in KEV
Product
linux kernel

What is known

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in the unwind path of drm_gem_object_init(), clean things up manually. (cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)

Sources

Security newsletter

Get new CVE alerts before they become an incident

We send selected infrastructure threats in English, with practical notes for DataHouse environments.

  • DataHouse: server administration and secure cloud
  • Hostilla.pl: hosting and mail services
  • SecDNS.pl: free DNS security layer