CVE-2024-50107

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 5, 2024
Updated: Nov 8, 2024

Summary

CVE-2024-50107 is a vulnerability affecting the Linux kernel that was resolved in commit 50c6dbdfd16e. This commit introduced a WARN when invalid address ranges are passed to iounmap(), causing a warning message to appear on certain systems, such as the Thinkpad P1 Gen 7 (Meteor Lake-P). The vulnerability lies in the pmc_core_iounmap function in the intel_pmc_core module. The function fails to properly check and iounmap for valid addresses, potentially leading to unexpected behavior or crashes. The impacted components include rfkill, snd_timer, fjes, and others. System administrators are advised to apply the necessary patch to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share