General Protection Fault in Linux Kernel's IVPU Component
CVE-2024-54455

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 January 2025

Summary

A vulnerability in the Linux kernel's IVPU component has been identified that could potentially lead to a general protection fault. This issue arises when the system attempts to access the fields of a context (ctx) that has not been verified as non-NULL. To mitigate this flaw, the kernel now includes a validation check, ensuring that the ctx is properly initialized before any attempts to access its fields. This fix is crucial for maintaining the stability and security of the system, preventing unexpected crashes and potential exploit scenarios.

Affected Version(s)

Linux 37dee2a2f4330a030abc5674bcec25ccc4addbcc

Linux 37dee2a2f4330a030abc5674bcec25ccc4addbcc < 4b2efb9db0c22a130bbd1275e489b42c02d08050

Linux 6.8

References

https://git.kernel.org/stable/c/a1e597ee5920a6aabdf4dfc3b...

https://git.kernel.org/stable/c/4b2efb9db0c22a130bbd1275e...

Timeline

Vulnerability published
Jan 11, 2025
Vulnerability Reserved
Jan 11, 2025