CVE-2024-44993: 
Linux Debian vulnerability analysis and mitigation

CVE-2024-44993 affects the Linux kernel's DRM (Direct Rendering Manager) V3D driver. The vulnerability was discovered when enabling UBSAN on Raspberry Pi 5, revealing an out-of-bounds read in the v3d_csd_job_run() function. The issue occurs because the UAPI provides only seven configuration registers while the code attempts to read an eighth position of a u32 array (Kernel Patch).

The vulnerability is an array-index-out-of-bounds issue in drivers/gpu/drm/v3d/v3dsched.c:320:3, where an index 7 is accessed but is out of range for type '_u32 [7]'. The issue affects Linux kernel versions from 6.8 up to (excluding) 6.10.7, as well as release candidates 6.11-rc1 through 6.11-rc3. The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability could allow an attacker with local access to cause an out-of-bounds read, potentially leading to information disclosure or system crashes. This particularly affects systems using the V3D graphics driver, such as the Raspberry Pi 5 (Kernel Patch).

A fix has been implemented in the Linux kernel that modifies the v3d_csd_job_run() function to access only seven positions on the '_u32 [7]' array. For V3D 7.1, which has an eighth configuration register, the fix ensures it remains unused by explicitly writing 0 to V3DV7CSDQUEUED_CFG7. Users should update to patched kernel versions that include this fix (Kernel Patch).