CVE-2024-50096

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50096
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50096.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50096
Published
2024-11-05T17:04:58.689Z
Modified
2025-11-27T02:33:04.495888Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error
Details

In the Linux kernel, the following vulnerability has been resolved:

nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error

The nouveau_dmem_copy_one function ensures that the copy push command is sent to the device firmware but does not track whether it was executed successfully.

In the case of a copy error (e.g., firmware or hardware failure), the copy push command will be sent via the firmware channel, and nouveau_dmem_copy_one will likely report success, leading to the migrate_to_ram function returning a dirty HIGH_USER page to the user.

This can result in a security vulnerability, as a HIGH_USER page that may contain sensitive or corrupted data could be returned to the user.

To prevent this vulnerability, we allocate a zero page. Thus, in case of an error, a non-dirty (zero) page will be returned to the user.
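
The failure mode and the fix described above, as an added userspace model (not the kernel patch or nouveau code). The allocator, the copy routine, and every name in it (`alloc_dest_page`, `copy_one`, `stale_bytes_after_migrate`, the `0xAA` marker) are hypothetical stand-ins, assuming only what the description states: the copy reports submission rather than completion.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define EX_PAGE_SIZE 4096
#define STALE 0xAA /* constructed marker for a previous owner's data */

/* Constructed stand-in for the page allocator: a single recycled page. */
static unsigned char pool_page[EX_PAGE_SIZE];

static unsigned char *alloc_dest_page(int zeroed)
{
    memset(pool_page, STALE, EX_PAGE_SIZE);   /* page arrives dirty */
    if (zeroed)
        memset(pool_page, 0, EX_PAGE_SIZE);   /* the fix: hand out a zero page */
    return pool_page;
}

/* Stand-in for the copy push: reports that the command was submitted,
 * not whether the device executed it. */
static int copy_one(unsigned char *dst, const unsigned char *src, int device_ok)
{
    if (device_ok)
        memcpy(dst, src, EX_PAGE_SIZE);
    return 0;
}

/* Models the fault path; returns how many stale bytes the user would see. */
static size_t stale_bytes_after_migrate(int zeroed, int device_ok)
{
    unsigned char vram[EX_PAGE_SIZE];
    size_t i, stale = 0;

    memset(vram, 0x11, sizeof(vram));         /* constructed device data */
    unsigned char *dst = alloc_dest_page(zeroed);
    if (copy_one(dst, vram, device_ok) != 0)
        return 0;                             /* never taken: failure is invisible */
    for (i = 0; i < EX_PAGE_SIZE; i++)
        stale += (dst[i] == STALE);
    return stale;
}

int main(void)
{
    printf("unzeroed, copy fails: %zu stale bytes\n", stale_bytes_after_migrate(0, 0));
    printf("zeroed,   copy fails: %zu stale bytes\n", stale_bytes_after_migrate(1, 0));
    return 0;
}
```

Zeroing the destination does not make the failed copy detectable; it only guarantees that an undetected failure exposes zeros instead of leftover data.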

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/cc431b3424123d84bcd7afd4de150b33f117a8ef/cves/2024/50xxx/CVE-2024-50096.json"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Type  Introduced                                Fixed
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  fd9bb7e996bab9b9049fffe3f3d3b50dee191d27
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  73f75d2b5aee5a735cf64b8ab4543d5c20dbbdd9
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  8c3de9282dde21ce3c1bf1bde3166a4510547aa9
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  614bfb2050982d23d53d0d51c4079dba0437c883
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  697e3ddcf1f8b68bd531fc34eead27c000bdf3e1
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  ab4d113b6718b076046018292f821d5aa4b844f8
GIT   5be73b690875f7eb2d2defb54ccd7f2f12074984  835745a377a4519decd1a36d6b926e369b3033e2

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type       Introduced  Fixed
ECOSYSTEM  5.1.0       5.4.285
ECOSYSTEM  5.5.0       5.10.227
ECOSYSTEM  5.11.0      5.15.168
ECOSYSTEM  5.16.0      6.1.113
ECOSYSTEM  6.2.0       6.6.57
ECOSYSTEM  6.7.0       6.11.4