CVE-2024-53071

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 26, 2024

Summary

CVE-2024-53071 is a vulnerability affecting the Linux kernel's drm/panthor module. The issue lies in the panthor_device_mmap_io() function, which has two key problems: first, it fails to clear the VM_MAYWRITE flag when handling IO mappings for DRM_PANTHOR_USER_FLUSH_ID_MMIO_OFFSET, allowing userspace to make the mapping writable later. Second, it permits MAP_PRIVATE mappings, which have copy-on-write semantics but do not support installing PTEs later, leading to a fault handler issue. The recommended solution is to clear the VM_MAYWRITE flag and require VM_SHARED for all mappings related to the FLUSH_ID. These vulnerabilities were identified on a Rock 5B machine, and while the patch has been compile-tested, further testing is required before implementation.
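A userspace model of the flag logic described in the summary, added here as an illustration and not taken from the kernel or its patch. `struct vma_model`, `mmap_io_before`, `mmap_io_after` and `mprotect_add_write` are hypothetical names, and the model assumes the handler already rejected mappings that are writable or executable at mmap() time.

```c
#include <errno.h>
#include <stdio.h>

/* Flag bits with the values used in the kernel's include/linux/mm.h. */
#define VM_WRITE    0x02UL
#define VM_EXEC     0x04UL
#define VM_SHARED   0x08UL
#define VM_MAYWRITE 0x20UL

/* Hypothetical stand-in for struct vm_area_struct; only the flags matter. */
struct vma_model { unsigned long vm_flags; };

/* Behaviour the summary describes as vulnerable: only current permissions
 * are checked, VM_MAYWRITE survives, and MAP_PRIVATE is accepted. */
static int mmap_io_before(struct vma_model *vma)
{
    if (vma->vm_flags & (VM_WRITE | VM_EXEC))
        return -EINVAL;
    return 0;
}

/* Recommended fix from the summary: require VM_SHARED, clear VM_MAYWRITE. */
static int mmap_io_after(struct vma_model *vma)
{
    if (!(vma->vm_flags & VM_SHARED))
        return -EINVAL;            /* MAP_PRIVATE (copy-on-write) refused */
    if (vma->vm_flags & (VM_WRITE | VM_EXEC))
        return -EINVAL;
    vma->vm_flags &= ~VM_MAYWRITE; /* later upgrade to writable now fails */
    return 0;
}

/* Model of the mprotect() rule: a permission can be added later only if
 * the matching VM_MAY* bit is still set on the mapping. */
static int mprotect_add_write(struct vma_model *vma)
{
    if (!(vma->vm_flags & VM_MAYWRITE))
        return -EACCES;
    vma->vm_flags |= VM_WRITE;
    return 0;
}

int main(void)
{
    struct vma_model a = { VM_SHARED | VM_MAYWRITE }, b = a; /* constructed */
    mmap_io_before(&a); mmap_io_after(&b);
    printf("before fix: later write upgrade -> %d\n", mprotect_add_write(&a));
    printf("after fix:  later write upgrade -> %d\n", mprotect_add_write(&b));
    return 0;
}
```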
