CVE-2024-38568
Published: Jun 19, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out of bounds when writing data to the event_group array. If the number of events in an event_group is greater than HNS3_PMU_MAX_HW_EVENTS, the memory write overflow of event_group array occurs. Add array index check to fix the possible array out of bounds violation, and return directly when write new events are written to array bounds. There are 9 different events in an event_group. [1] perf stat -e '{pmu/event1/, ... ,pmu/event9/}
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 66637ab137b44914356a9dc7a9b3f8ebcf0b0695 - < 3669baf308308385a2ab391324abdde5682af5aaaffected 66637ab137b44914356a9dc7a9b3f8ebcf0b0695 - < be1fa711e59c874d049f592aef1d4685bdd22bdfaffected 66637ab137b44914356a9dc7a9b3f8ebcf0b0695 - < b5120d322763c15c978bc47beb3b6dff45624304affected 66637ab137b44914356a9dc7a9b3f8ebcf0b0695 - < aa2d3d678895c8eedd003f1473f87d3f06fe6ec7affected 66637ab137b44914356a9dc7a9b3f8ebcf0b0695 - < 81bdd60a3d1d3b05e6cc6674845afb1694dd3a0e |
Linux | Linux | affected 6.0unaffected 0 - < 6.0unaffected 6.1.93 - <= 6.1.*unaffected 6.6.33 - <= 6.6.*unaffected 6.8.12 - <= 6.8.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now