PT-2024-34055 · Linux+5 · Linux Kernel+5

Published

2024-10-28

·

Updated

2025-10-03

·

CVE-2024-50221

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc4
Description: A kernel memory out of bounds write issue has been identified in the Linux kernel. The problem occurs because the GPU metrics table allocated in vangogh tables init() is not large enough for the memset done in smu cmn init soft gpu metrics(). This results in a slab-out-of-bounds write. The root cause is that when GPU metrics tables for v2 4 parts were added, it was not considered to enlarge the table to fit. The issue is resolved with a fix, although it is noted as "brute force" and may be improved later.
Recommendations: For Linux kernel versions prior to 6.12.0-rc4, update to a newer version that includes the fix for the out of bounds write issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17211
ALT-PU-2025-12647
BDU:2025-06989
CVE-2024-50221
OESA-2025-1093
OESA-2025-1097
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_4314-1
OPENSUSE-SU-2024_4316-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:4314-1
SUSE-SU-2024:4316-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu