CVE-2024-58086

drm/v3d: Stop active perfmon if it is being destroyed

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor (`v3d->active_perfmon`) is being
destroyed, stop it first. Currently, the active perfmon is not
stopped during destruction, leaving the `v3d->active_perfmon` pointer
stale. This can lead to undefined behavior and instability. This patch ensures that the active perfmon is stopped before being
destroyed, aligning with the behavior introduced in commit
7d1fd3638ee3 ("drm/v3d: Stop the active perfmon before being destroyed").

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor (`v3d->active_perfmon`) is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, leaving the `v3d->active_perfmon` pointer stale. This can lead to undefined behavior and instability. This patch ensures that the active perfmon is stopped before being destroyed, aligning with the behavior introduced in commit 7d1fd3638ee3 ("drm/v3d: Stop the active perfmon before being destroyed").

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-03-06 CVE Reserved
2025-03-06 CVE Published
2025-03-06 CVE Updated
2025-03-07 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/26a4dc29b74a137f45665089f6d3d633fcc9b662	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/95036d4c01167568166108d42c2b0e9f8dbd7d2b	2025-02-21
https://git.kernel.org/stable/c/eb0e0eca0eab93f310c6c37b8564049366704691	2025-02-21
https://git.kernel.org/stable/c/1c5673a2c8926adbb61f340c779b28e18188a8cd	2025-02-21
https://git.kernel.org/stable/c/f8805b12f477bd964e2820a87921c7b58cc2dee3	2025-02-21
https://git.kernel.org/stable/c/21f1435b1e6b012a07c42f36b206d2b66fc8f13b	2024-11-22

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.1.129 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.1.129"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.6.79 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.6.79"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.12.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.12.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.13.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.13.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15 < 6.14-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15 < 6.14-rc1"		en		Affected