CVE-2024-39497

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-39497
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39497.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-39497
Downstream
Related
Published
2024-07-12T12:20:32.330Z
Modified
2026-03-14T12:34:45.377258Z
Summary
drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/shmem-helper: Fix BUGON() on mmap(PROTWRITE, MAP_PRIVATE)

Lack of check for copy-on-write (COW) mapping in drmgemshmemmmap allows users to call mmap with PROTWRITE and MAPPRIVATE flag causing a kernel panic due to BUGON in vmfinsertpfnprot: BUGON((vma->vmflags & VMPFNMAP) && iscowmapping(vma->vm_flags));

Return -EINVAL early if COW mapping is detected.

This bug affects all drm drivers using default shmem helpers. It can be reproduced by this simple example: void *ptr = mmap(0, size, PROTWRITE, MAPPRIVATE, fd, mmap_offset); ptr[0] = 0;

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/39xxx/CVE-2024-39497.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2194a63a818db71065ebe09c8104f5f021ca4e7b
Fixed
a508a102edf8735adc9bb73d37dd13c38d1a1b10
Fixed
3ae63a8c1685e16958560ec08d30defdc5b9cca0
Fixed
2219e5f97244b79c276751a1167615b9714db1b0
Fixed
1b4a8b89bf6787090b56424d269bf84ba00c3263
Fixed
03c71c42809ef4b17f5d874cdb2d3bf40e847b86
Fixed
39bc27bd688066a63e56f7f64ad34fae03fbe3b8

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39497.json"