CVE-2024-42259 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritten in a clearer and more understandable form. [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem: Adjust vma offset for framebuffer mmap offset") (cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3e06073d24807f04b4694108a8474decb7b99e60
https://git.kernel.org/stable/c/4b09513ce93b3dcb590baaaff2ce96f2d098312d
https://git.kernel.org/stable/c/50111a8098fb9ade621eeff82228a997d42732ab
https://git.kernel.org/stable/c/8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3
https://git.kernel.org/stable/c/911f8055f175c82775d0fd8cedcd0b75413f4ba7
https://git.kernel.org/stable/c/a256d019eaf044864c7e50312f0a65b323c24f39
https://git.kernel.org/stable/c/e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b
https://git.kernel.org/stable/c/ead9289a51ea82eb5b27029fcf4c34b2dd60cf06
https://lore.kernel.org/linux-cve-announce/2024081452-CVE-2024-42259-4cef@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-42259
https://project-zero.issues.chromium.org/issues/42451707
https://www.cve.org/CVERecord?id=CVE-2024-42259

History

Tue, 24 Sep 2024 09:30:00 +0000

Type	Values Removed	Values Added
References		https://project-zero.issues.chromium.org/issues/42451707

Thu, 12 Sep 2024 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-131
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 4.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 27 Aug 2024 02:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-119
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 4.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H'}`

Mon, 19 Aug 2024 04:45:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/3e06073d24807f04b4694108a8474decb7b99e60 https://git.kernel.org/stable/c/50111a8098fb9ade621eeff82228a997d42732ab https://git.kernel.org/stable/c/911f8055f175c82775d0fd8cedcd0b75413f4ba7 https://git.kernel.org/stable/c/a256d019eaf044864c7e50312f0a65b323c24f39 https://git.kernel.org/stable/c/e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b

Fri, 16 Aug 2024 13:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2024081452-CVE-2024-42259-4cef@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2024-42259 https://www.cve.org/CVERecord?id=CVE-2024-42259
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 14 Aug 2024 15:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritten in a clearer and more understandable form. [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem: Adjust vma offset for framebuffer mmap offset") (cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)
Title		drm/i915/gem: Fix Virtual Memory mapping boundaries calculation
References		https://git.kernel.org/stable/c/4b09513ce93b3dcb590baaaff2ce96f2d098312d https://git.kernel.org/stable/c/8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3 https://git.kernel.org/stable/c/ead9289a51ea82eb5b27029fcf4c34b2dd60cf06

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-08-14T14:50:49.844Z

Updated: 2025-05-04T09:25:22.198Z

Reserved: 2024-07-30T07:40:12.257Z

Link: CVE-2024-42259

Vulnrichment

Updated: 2024-09-11T12:42:23.996Z

NVD

Status : Modified

Published: 2024-08-14T15:15:31.673

Modified: 2024-09-25T01:15:42.137

Link: CVE-2024-42259

Redhat

Severity : Moderate

Publid Date: 2024-08-14T00:00:00Z

Links: CVE-2024-42259 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42259", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-30T07:40:12.257Z", "datePublished": "2024-08-14T14:50:49.844Z", "dateUpdated": "2025-05-04T09:25:22.198Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:25:22.198Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Fix Virtual Memory mapping boundaries calculation\n\nCalculating the size of the mapped area as the lesser value\nbetween the requested size and the actual size does not consider\nthe partial mapping offset. This can cause page fault access.\n\nFix the calculation of the starting and ending addresses, the\ntotal size is now deduced from the difference between the end and\nstart addresses.\n\nAdditionally, the calculations have been rewritten in a clearer\nand more understandable form.\n\n[Joonas: Add Requires: tag]\nRequires: 60a2066c5005 (\"drm/i915/gem: Adjust vma offset for framebuffer mmap offset\")\n(cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/i915/gem/i915_gem_mman.c"], "versions": [{"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "3e06073d24807f04b4694108a8474decb7b99e60", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "a256d019eaf044864c7e50312f0a65b323c24f39", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "50111a8098fb9ade621eeff82228a997d42732ab", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "911f8055f175c82775d0fd8cedcd0b75413f4ba7", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "4b09513ce93b3dcb590baaaff2ce96f2d098312d", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "ead9289a51ea82eb5b27029fcf4c34b2dd60cf06", "status": "affected", "versionType": "git"}, {"version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/i915/gem/i915_gem_mman.c"], "versions": [{"version": "4.9", "status": "affected"}, {"version": "0", "lessThan": "4.9", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.320", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.282", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.224", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.165", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.106", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.46", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.5", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "4.19.320"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.4.282"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.10.224"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "5.15.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.1.106"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.6.46"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.10.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.11"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3e06073d24807f04b4694108a8474decb7b99e60"}, {"url": "https://git.kernel.org/stable/c/a256d019eaf044864c7e50312f0a65b323c24f39"}, {"url": "https://git.kernel.org/stable/c/50111a8098fb9ade621eeff82228a997d42732ab"}, {"url": "https://git.kernel.org/stable/c/911f8055f175c82775d0fd8cedcd0b75413f4ba7"}, {"url": "https://git.kernel.org/stable/c/e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b"}, {"url": "https://git.kernel.org/stable/c/4b09513ce93b3dcb590baaaff2ce96f2d098312d"}, {"url": "https://git.kernel.org/stable/c/ead9289a51ea82eb5b27029fcf4c34b2dd60cf06"}, {"url": "https://git.kernel.org/stable/c/8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3"}, {"url": "https://project-zero.issues.chromium.org/issues/42451707"}], "title": "drm/i915/gem: Fix Virtual Memory mapping boundaries calculation", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42259", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:12:50.301256Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-12T17:33:33.719Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42259", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:12:50.301256Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:23.996Z"}}], "cna": {"title": "drm/i915/gem: Fix Virtual Memory mapping boundaries calculation", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "3e06073d24807f04b4694108a8474decb7b99e60", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "a256d019eaf044864c7e50312f0a65b323c24f39", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "50111a8098fb9ade621eeff82228a997d42732ab", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "911f8055f175c82775d0fd8cedcd0b75413f4ba7", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "4b09513ce93b3dcb590baaaff2ce96f2d098312d", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "ead9289a51ea82eb5b27029fcf4c34b2dd60cf06", "versionType": "git"}, {"status": "affected", "version": "c58305af1835095ddc25ee6f548ac05915e66ac5", "lessThan": "8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/i915/gem/i915_gem_mman.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.9"}, {"status": "unaffected", "version": "0", "lessThan": "4.9", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.320", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.282", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.224", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.165", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.106", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.46", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.10.5", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/i915/gem/i915_gem_mman.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/3e06073d24807f04b4694108a8474decb7b99e60"}, {"url": "https://git.kernel.org/stable/c/a256d019eaf044864c7e50312f0a65b323c24f39"}, {"url": "https://git.kernel.org/stable/c/50111a8098fb9ade621eeff82228a997d42732ab"}, {"url": "https://git.kernel.org/stable/c/911f8055f175c82775d0fd8cedcd0b75413f4ba7"}, {"url": "https://git.kernel.org/stable/c/e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b"}, {"url": "https://git.kernel.org/stable/c/4b09513ce93b3dcb590baaaff2ce96f2d098312d"}, {"url": "https://git.kernel.org/stable/c/ead9289a51ea82eb5b27029fcf4c34b2dd60cf06"}, {"url": "https://git.kernel.org/stable/c/8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3"}, {"url": "https://project-zero.issues.chromium.org/issues/42451707"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Fix Virtual Memory mapping boundaries calculation\n\nCalculating the size of the mapped area as the lesser value\nbetween the requested size and the actual size does not consider\nthe partial mapping offset. This can cause page fault access.\n\nFix the calculation of the starting and ending addresses, the\ntotal size is now deduced from the difference between the end and\nstart addresses.\n\nAdditionally, the calculations have been rewritten in a clearer\nand more understandable form.\n\n[Joonas: Add Requires: tag]\nRequires: 60a2066c5005 (\"drm/i915/gem: Adjust vma offset for framebuffer mmap offset\")\n(cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.320", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.282", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.224", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.165", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.106", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.46", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.10.5", "versionStartIncluding": "4.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.11", "versionStartIncluding": "4.9"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:25:22.198Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42259", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:25:22.198Z", "dateReserved": "2024-07-30T07:40:12.257Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-08-14T14:50:49.844Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F30738D4-FF99-4B8F-A798-76B5C6F59C79", "versionEndExcluding": "4.19.320", "versionStartIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8961D98-9ACF-4188-BA88-44038B14BC28", "versionEndExcluding": "5.4.282", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CCEDF13-293D-4E64-B501-4409D0365AFE", "versionEndExcluding": "5.10.224", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4E2B568-3171-41DE-B519-F2B1A3600D94", "versionEndExcluding": "5.15.165", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F3AF3DA-1553-4AB8-97CC-7D0C91E4E23F", "versionEndExcluding": "6.1.106", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA11941E-81FB-484C-B583-881EEB488340", "versionEndExcluding": "6.6.46", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D074AE50-4A5E-499C-A2FD-75FD60DEA560", "versionEndExcluding": "6.10.5", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Fix Virtual Memory mapping boundaries calculation\n\nCalculating the size of the mapped area as the lesser value\nbetween the requested size and the actual size does not consider\nthe partial mapping offset. This can cause page fault access.\n\nFix the calculation of the starting and ending addresses, the\ntotal size is now deduced from the difference between the end and\nstart addresses.\n\nAdditionally, the calculations have been rewritten in a clearer\nand more understandable form.\n\n[Joonas: Add Requires: tag]\nRequires: 60a2066c5005 (\"drm/i915/gem: Adjust vma offset for framebuffer mmap offset\")\n(cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/i915/gem: Arreglar el c\u00e1lculo de los l\u00edmites del mapeo de la memoria virtual. El c\u00e1lculo del tama\u00f1o del \u00e1rea mapeada como el valor menor entre el tama\u00f1o solicitado y el tama\u00f1o real no considera el desplazamiento del mapeo parcial. . Esto puede provocar un error de acceso a la p\u00e1gina. Corrija el c\u00e1lculo de las direcciones inicial y final; el tama\u00f1o total ahora se deduce de la diferencia entre las direcciones final e inicial. Adem\u00e1s, los c\u00e1lculos se han reescrito de una forma m\u00e1s clara y comprensible. [Joonas: Add Requires: tag] Requiere: 60a2066c5005 (\"drm/i915/gem: Ajustar el desplazamiento de vma para el desplazamiento de mmap del framebuffer\") (seleccionado de la confirmaci\u00f3n 97b6784753da06d9d40232328efc5c5367e53417)"}], "id": "CVE-2024-42259", "lastModified": "2024-09-25T01:15:42.137", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-14T15:15:31.673", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3e06073d24807f04b4694108a8474decb7b99e60"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4b09513ce93b3dcb590baaaff2ce96f2d098312d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/50111a8098fb9ade621eeff82228a997d42732ab"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8bdd9ef7e9b1b2a73e394712b72b22055e0e26c3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/911f8055f175c82775d0fd8cedcd0b75413f4ba7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a256d019eaf044864c7e50312f0a65b323c24f39"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e8a68aa842d3f8dd04a46b9d632e5f67fde1da9b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ead9289a51ea82eb5b27029fcf4c34b2dd60cf06"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://project-zero.issues.chromium.org/issues/42451707"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-131"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation", "id": "2304965", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304965"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-119", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/i915/gem: Fix Virtual Memory mapping boundaries calculation\nCalculating the size of the mapped area as the lesser value\nbetween the requested size and the actual size does not consider\nthe partial mapping offset. This can cause page fault access.\nFix the calculation of the starting and ending addresses, the\ntotal size is now deduced from the difference between the end and\nstart addresses.\nAdditionally, the calculations have been rewritten in a clearer\nand more understandable form.\n[Joonas: Add Requires: tag]\nRequires: 60a2066c5005 (\"drm/i915/gem: Adjust vma offset for framebuffer mmap offset\")\n(cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)"], "name": "CVE-2024-42259", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-08-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42259\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42259\nhttps://lore.kernel.org/linux-cve-announce/2024081452-CVE-2024-42259-4cef@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object