CVE-2024-53072

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024
Updated: Nov 25, 2024

Summary

CVE-2024-53072 is a vulnerability affecting the Linux kernel's amd_pmc driver. When the amd_pmc module is enabled with the parameter "enable_stb=1," attempts to access the System Transaction Buffer (STB) may result in failure, causing the kernel to return an invalid memory address during an ioremap operation. This can result in a warning message and potential confusion for users. To mitigate this issue, the vulnerability has been resolved by properly handling such invalid addresses and displaying an error message instead.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share