CVE-2024-36960
Published: Jun 3, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent structure instead of to the drm_vmw_event_fence which is supposed to be read. drm_read uses the length parameter to copy the event to the user space thus resuling in oob reads.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8b7de6aa84682a3396544fd88cd457f95484573a - < 2f527e3efd37c7c5e85e8aa86308856b619fa59faffected 8b7de6aa84682a3396544fd88cd457f95484573a - < cef0962f2d3e5fd0660c8efb72321083a1b531a9affected 8b7de6aa84682a3396544fd88cd457f95484573a - < 3cd682357c6167f636aec8ac0efaa8ba61144d36affected 8b7de6aa84682a3396544fd88cd457f95484573a - < b7bab33c4623c66e3398d5253870d4e88c52dfc0affected 8b7de6aa84682a3396544fd88cd457f95484573a - < 0dbfc73670b357456196130551e586345ca48e1b+3 more versions |
Linux | Linux | affected 3.4unaffected 0 - < 3.4unaffected 4.19.314 - <= 4.19.*unaffected 5.4.276 - <= 5.4.*unaffected 5.10.217 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now