PT-2024-7866 · Linux+5 · Linux Kernel+5

Published

2024-03-08

·

Updated

2025-03-28

·

CVE-2024-26943

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the nouveau/dmem component in the Linux kernel, where the kcalloc() function in nouveau dmem evict chunk() may return null if physical memory runs out, leading to null pointer dereference bugs when src pfns, dst pfns, or dma addrs are dereferenced. This can cause the GPU to become unavailable and prevent the eviction of all pages mapping a chunk. The patch adds a GFP NOFAIL flag to kcalloc() and switches to kvcalloc() to avoid failing allocations.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2024-09368
CVE-2024-26943
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2025_0556-1
OPENSUSE-SU-2025_0577-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:0556-1
SUSE-SU-2025:0577-1
SUSE-SU-2025:0577-2
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0577-1
SUSE-SU-2025_0577-2
USN-6816-1
USN-6817-1
USN-6817-2
USN-6817-3
USN-6878-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu