CVE-2024-49967Resource Injection in Azure Linux 3.0 ARM

CWE-99Resource Injection53 documents6 sources
Severity
8.8HIGHOSV
OSV7.8OSV5.5OSV4.7
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Linux KernelMsrc Azure Linux 3.0 ARMMsrc Azure Linux 3.0 X64+2 more
Timeline
PublishedJan 14
Latest updateAug 14

Description

linux-azure-5.4 vulnerabilities Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; -

Affected Packages6 packages

Debianlinux/linux_kernel< 6.1.115-1+1
Ubuntulinux/linux_kernel< 5.4.0-204.224+5

🔴Vulnerability Details

27
OSV
linux-xilinx-zynqmp vulnerabilities2025-01-20
OSV
linux-raspi-5.4 vulnerabilities2025-01-15
OSV
linux-azure-5.4 vulnerabilities2025-01-14
OSV
linux-realtime vulnerabilities2025-01-10
OSV
linux-azure, linux-intel-iotg-5.15 vulnerabilities2025-01-09

📋Vendor Advisories

26
CISA ICS
Siemens Third-Party Components in SINEC OS2025-08-14
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2025-01-20
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2025-01-15
Ubuntu
Linux kernel (Azure) vulnerabilities2025-01-14
Ubuntu
Linux kernel (Real-time) vulnerabilities2025-01-10
CVE-2024-49967 — Resource Injection | cvebase