PT-2024-8502 · Linux+6 · Linux Kernel+6

Ville Syrjälä

·

Publicado

2024-04-08

·

Atualizado

2025-09-29

·

CVE-2024-35950

CVSS v2.0

6.8

Média

VetorAV:L/AC:L/Au:S/C:C/I:C/A:C
Nome do software vulnerável e versões afetadas
Kernel do Linux (versões afetadas não especificadas)
Descrição
O problema está relacionado ao componente drm/client do kernel do Linux, onde a matriz modes[] contém ponteiros para modos nas listas de modos dos conectores, protegidos por dev->mode config.mutex. No entanto, a matriz modes[] em si não possui a mesma proteção, o que pode levar a elementos apontando para memória liberada ou reutilizada. Isso poderia permitir que um invasor elevasse privilégios no sistema.
Recomendações
No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

Exploit

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2024-10062
CVE-2024-35950
DLA-3842-1
INFSA-2024_9315
OESA-2024-1677
OESA-2024-1678
OESA-2024-1693
OESA-2024-1694
OPENSUSE-SU-2024_2362-1
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3639-1
OPENSUSE-SU-2024_3651-1
OPENSUSE-SU-2024_3652-1
OPENSUSE-SU-2024_3661-1
OPENSUSE-SU-2024_3672-1
OPENSUSE-SU-2024_3679-1
OPENSUSE-SU-2024_3685-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3696-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3700-1
OPENSUSE-SU-2024_3774-1
OPENSUSE-SU-2024_3780-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3798-1
OPENSUSE-SU-2024_3806-1
OPENSUSE-SU-2024_3814-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3830-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_3854-1
OPENSUSE-SU-2024_3855-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4124-1
OPENSUSE-SU-2024_4180-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4216-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4236-1
OPENSUSE-SU-2024_4246-1
OPENSUSE-SU-2024_4256-1
OPENSUSE-SU-2024_4264-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2024_4275-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0110-1
OPENSUSE-SU-2025_0114-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0124-1
OPENSUSE-SU-2025_0131-1
OPENSUSE-SU-2025_0137-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0238-1
OPENSUSE-SU-2025_0239-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0244-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0249-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0253-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0264-1
OPENSUSE-SU-2025_0266-1
RHSA-2024:4823
RHSA-2024:4831
RHSA-2024:9315
RHSA-2024:9546
RHSA-2024_9315
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2362-1
SUSE-SU-2024:2365-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2384-1
SUSE-SU-2024:2385-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2495-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2719-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2724-1
SUSE-SU-2024:2725-1
SUSE-SU-2024:2734-1
SUSE-SU-2024:2740-1
SUSE-SU-2024:2750-1
SUSE-SU-2024:2751-1
SUSE-SU-2024:2755-1
SUSE-SU-2024:2758-1
SUSE-SU-2024:2759-1
SUSE-SU-2024:2760-1
SUSE-SU-2024:2771-1
SUSE-SU-2024:2773-1
SUSE-SU-2024:2792-1
SUSE-SU-2024:2793-1
SUSE-SU-2024:2797-1
SUSE-SU-2024:2815-1
SUSE-SU-2024:2818-1
SUSE-SU-2024:2821-1
SUSE-SU-2024:2822-1
SUSE-SU-2024:2823-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2825-1
SUSE-SU-2024:2827-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2841-1
SUSE-SU-2024:2843-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:2851-1
SUSE-SU-2024:2874-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2024:3015-1
SUSE-SU-2024:3034-1
SUSE-SU-2024:3037-1
SUSE-SU-2024:3039-1
SUSE-SU-2024:3043-1
SUSE-SU-2024:3044-1
SUSE-SU-2024:3048-1
SUSE-SU-2024:3318-1
SUSE-SU-2024:3336-1
SUSE-SU-2024:3347-1
SUSE-SU-2024:3348-1
SUSE-SU-2024:3363-1
SUSE-SU-2024:3365-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3370-1
SUSE-SU-2024:3375-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3639-1
SUSE-SU-2024:3642-1
SUSE-SU-2024:3649-1
SUSE-SU-2024:3651-1
SUSE-SU-2024:3652-1
SUSE-SU-2024:3661-1
SUSE-SU-2024:3662-1
SUSE-SU-2024:3663-1
SUSE-SU-2024:3672-1
SUSE-SU-2024:3674-1
SUSE-SU-2024:3676-1
SUSE-SU-2024:3679-1
SUSE-SU-2024:3685-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3696-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3700-1
SUSE-SU-2024:3774-1
SUSE-SU-2024:3780-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3796-1
SUSE-SU-2024:3798-1
SUSE-SU-2024:3800-1
SUSE-SU-2024:3803-1
SUSE-SU-2024:3806-1
SUSE-SU-2024:3814-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3821-1
SUSE-SU-2024:3822-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3830-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3849-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:3854-1
SUSE-SU-2024:3855-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4124-1
SUSE-SU-2024:4180-1
SUSE-SU-2024:4197-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4216-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4231-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4236-1
SUSE-SU-2024:4242-1
SUSE-SU-2024:4246-1
SUSE-SU-2024:4249-1
SUSE-SU-2024:4250-1
SUSE-SU-2024:4256-1
SUSE-SU-2024:4263-1
SUSE-SU-2024:4264-1
SUSE-SU-2024:4266-1
SUSE-SU-2024:4275-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0097-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0110-1
SUSE-SU-2025:0114-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0124-1
SUSE-SU-2025:0131-1
SUSE-SU-2025:0137-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0238-1
SUSE-SU-2025:0239-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0244-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0249-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0253-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0264-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
USN-6893-1
USN-6893-2
USN-6893-3
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6917-1
USN-6918-1
USN-6919-1
USN-6927-1
USN-7019-1

Produtos afetados

Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu