CVE-2024-49991

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-49991

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-49991.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-49991

Downstream

BELL-CVE-2024-49991

DEBIAN-CVE-2024-49991

DLA-4008-1

DSA-5818-1

OESA-2024-2370

OESA-2024-2533

OESA-2024-2534

OESA-2024-2536

OESA-2024-2537

RHSA-2025:6966

SUSE-SU-2024:3983-1

SUSE-SU-2024:3984-1

SUSE-SU-2024:3985-1

SUSE-SU-2024:3986-1

SUSE-SU-2024:4081-1

SUSE-SU-2024:4082-1

SUSE-SU-2024:4100-1

SUSE-SU-2024:4103-1

SUSE-SU-2024:4131-1

SUSE-SU-2024:4140-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4364-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:0034-1

UBUNTU-CVE-2024-49991

USN-7301-1

USN-7303-1

USN-7303-2

USN-7303-3

USN-7304-1

USN-7310-1

USN-7311-1

USN-7384-1

USN-7384-2

USN-7385-1

USN-7386-1

USN-7403-1

USN-7468-1

openSUSE-SU-2024:14500-1

openSUSE-SU-2025:14705-1

Related

Published

2024-10-21T18:15:19Z

Modified

2025-08-09T19:01:28Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: amdkfdfreegtt_mem clear the correct pointer

Pass pointer reference to amdgpubounref to clear the correct pointer, otherwise amdgpubounref clear the local variable, the original pointer not set to NULL, this could cause use-after-free bug.

References

Affected packages