CVE-2024-46837

Published: Sep 27, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service. We now only allow the DRM master or users with the CAP_SYS_NICE capability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM. As the sole user of that uAPI lives in Mesa and hardcode a value of MEDIUM [1], this should be safe to do. Additionally, as those checks are performed at the ioctl level, panthor_group_create now only check for priority level validity. [1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038

Vendor	Product	Versions
Linux	Linux	affected `de85488138247d034eb3241840424a54d660926b - < 33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a` affected `de85488138247d034eb3241840424a54d660926b - < 5f7762042f8a5377bd8a32844db353c0311a7369`
Linux	Linux	affected `6.10` unaffected `0 - < 6.10` unaffected `6.10.10 - <= 6.10.` unaffected `6.11 - <= `

References

https://git.kernel.org/stable/c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a

https://git.kernel.org/stable/c/5f7762042f8a5377bd8a32844db353c0311a7369

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-46837

Description

Affected Products

References