How severe is CVE-2024-42259?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-42259?

This is classified as CWE-131, which is a common weakness in software security.

CVE-2024-42259

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-131

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritten in a clearer and more understandable form. [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem: Adjust vma offset for framebuffer mmap offset") (cherry picked from commit 97b6784753da06d9d40232328efc5c5367e53417)

CVE-2017-14934

MEDIUM

CVSS:5.5(Medium)

process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a ...

CWE-1312017

CVE-2019-5696

MEDIUM

CVSS:5.5(Medium)

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of s...

CWE-1312019

CVE-2020-14385

MEDIUM

CVSS:5.5(Medium)

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt....

CWE-1312020

CVE-2021-29521

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from t...

CWE-1312021

CVE-2021-29542

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the implemen...

CWE-1312021

CVE-2021-29545

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is becau...

CWE-1312021

CVE-2024-42259

Vulnerability Description

Related Vulnerabilities

CVE-2017-14934

CVE-2019-5696

CVE-2020-14385

CVE-2021-29521

CVE-2021-29542

CVE-2021-29545