CVE-2024-38569
Published: Jun 19, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd [1], but the driver does not check whether the array index is out of bounds when writing data to the event_group array. If the number of events in an event_group is greater than HISI_PCIE_MAX_COUNTERS, the memory write overflow of event_group array occurs. Add array index check to fix the possible array out of bounds violation, and return directly when write new events are written to array bounds. There are 9 different events in an event_group. [1] perf stat -e '{pmu/event1/, ... ,pmu/event9/}'
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8404b0fbc7fbd42e5c5d28cdedd450e70829c77a - < 3d1face00ebb7996842aee4214d7d0fb0c77b1e9affected 8404b0fbc7fbd42e5c5d28cdedd450e70829c77a - < 8e9aab2492178f25372f1820bfd9289fbd74efd0affected 8404b0fbc7fbd42e5c5d28cdedd450e70829c77a - < 567d34626c22b36579ec0abfdf5eda2949044220affected 8404b0fbc7fbd42e5c5d28cdedd450e70829c77a - < ff48247144d13a3a0817127703724256008efa78affected 8404b0fbc7fbd42e5c5d28cdedd450e70829c77a - < 77fce82678ea5fd51442e62febec2004f79e041b |
Linux | Linux | affected 5.17unaffected 0 - < 5.17unaffected 6.1.93 - <= 6.1.*unaffected 6.6.33 - <= 6.6.*unaffected 6.8.12 - <= 6.8.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now