cmd[i].size" and "submit->cmd[i].offset" variables…"/> cmd[i].size" and "submit->cmd[i].offset" variables…"/> cmd[i].size" and "submit->cmd[i].offset" variables…"/>
VDB

DEBIAN-CVE-2024-52559

DEBIAN-CVE-2024-52559 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() The "submit->cmd[i].size" and "submit->cmd[i].offset" variables are u32 values that come from the user via the submit_lookup_cmds() function. This addition could lead to an integer wrapping bug so use size_add() to prevent that. Patchwork: https://patchwork.freedesktop.org/patch/624696/

Risk Scores

CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:13linux0, 0
Debian:14linux0, 0
Debian:11linux*, 6.17.9-1, 6.18.1-1~exp1
Debian:12linux6.1.106-3, 6.1.112-1, 6.1.115-1

Timeline

  • Feb 27, 2025 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›