PT-2024-32136 · Linux+5 · Linux Kernel+5

Published

2024-08-26

·

Updated

2025-09-29

·

CVE-2024-46709

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description The issue is related to the drm/vmwgfx component in the Linux kernel, where external buffers might not provide direct access to readable/writable pages. To resolve this, the mapping of external buffers should go through the dma buf interface instead of trying to access pages directly. This fix prevents crashes in IGT's kms prime with vgem. The issue is not typically triggered by regular desktop usage due to the fact that virtual machines usually do not have multiple GPUs, but it enables better test coverage in IGT.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-12968
ALT-PU-2024-13260
BDU:2025-01937
CVE-2024-46709
OESA-2024-2296
OPENSUSE-SU-2024_3551-1
OPENSUSE-SU-2024_3561-1
OPENSUSE-SU-2024_3564-1
SUSE-SU-2024:3551-1
SUSE-SU-2024:3553-1
SUSE-SU-2024:3561-1
SUSE-SU-2024:3564-1
SUSE-SU-2025:20073-1
SUSE-SU-2025:20077-1
USN-7154-1
USN-7154-2
USN-7155-1
USN-7156-1
USN-7196-1

Affected Products

Alt Linux
Linux Kernel
Linuxmint
Red Os
Suse
Ubuntu