CVE-2024-50134
Published: Nov 5, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: [ 13.319813] memcpy: detected field-spanning write (size 16896) of single field "p->data" at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 (size 4) [ 13.319841] WARNING: CPU: 0 PID: 1105 at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 hgsmi_update_pointer_shape+0x192/0x1c0 [vboxvideo] [ 13.320038] Call Trace: [ 13.320173] hgsmi_update_pointer_shape [vboxvideo] [ 13.320184] vbox_cursor_atomic_update [vboxvideo] Note as mentioned in the added comment it seems the original length calculation for the allocated and send hgsmi buffer is 4 bytes too large. Changing this is not the goal of this patch, so this behavior is kept.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected dd55d44f408419278c00887bfcb2261d0caae350 - < 02c86c5d5ef4bbba17d38859c74872825f536617affected dd55d44f408419278c00887bfcb2261d0caae350 - < 75f828e944dacaac8870418461d3d48a1ecf2331affected dd55d44f408419278c00887bfcb2261d0caae350 - < 34a422274b693507025a7db21519865d1862afcbaffected dd55d44f408419278c00887bfcb2261d0caae350 - < 7458a6cdaebb3dc59af8578ee354fae78a154c4aaffected dd55d44f408419278c00887bfcb2261d0caae350 - < 9eb32bd23bbcec44bcbef27b7f282b7a7f3d0391+2 more versions |
Linux | Linux | affected 4.13unaffected 0 - < 4.13unaffected 5.4.285 - <= 5.4.*unaffected 5.10.229 - <= 5.10.*unaffected 5.15.170 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now