Performance Monitor Vulnerability in Linux Kernel Affecting Active Components
CVE-2024-58086

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 6 March 2025

Summary

A vulnerability exists in the Linux kernel where the active performance monitor (v3d->active_perfmon) is not appropriately stopped before being destroyed. This can result in a stale pointer reference and potentially cause undefined behavior and system instability. The issue underscores the importance of ensuring that active components are managed correctly during their lifecycle, as addressed in a recent patch that halts the performance monitor before destruction.

Affected Version(s)

Linux 26a4dc29b74a137f45665089f6d3d633fcc9b662 < 95036d4c01167568166108d42c2b0e9f8dbd7d2b

Linux 26a4dc29b74a137f45665089f6d3d633fcc9b662

Linux 26a4dc29b74a137f45665089f6d3d633fcc9b662 < 1c5673a2c8926adbb61f340c779b28e18188a8cd

References

https://git.kernel.org/stable/c/95036d4c01167568166108d42...

https://git.kernel.org/stable/c/eb0e0eca0eab93f310c6c37b8...

https://git.kernel.org/stable/c/1c5673a2c8926adbb61f340c7...

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Mar 6, 2025