CVE-2024-49862: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-49862 is an off-by-one vulnerability discovered in the Linux kernel's powercap intelrapl driver. The vulnerability was disclosed on October 21, 2024, affecting Linux kernel versions from 6.5 up to (excluding) 6.6.54, from 6.7 up to (excluding) 6.10.13, and from 6.11 up to (excluding) 6.11.2. The issue exists in the getrpi() function where an incorrect boundary check could lead to an array access violation (NVD).

The vulnerability stems from an incorrect boundary check in the getrpi() function within the intelraplcommon.c file. The function uses a comparison operator '>' instead of '>=' when checking array bounds, potentially allowing access to an element beyond the array's limits. The rp->priv->rpi array, which can be either rpimsr or rpitpmi, has NRRAPL_PRIMITIVES number of elements. The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability could potentially lead to an off-by-one array access violation in the Linux kernel's power capping framework. This could result in information disclosure or system instability when accessing the affected component (NVD).

The vulnerability has been fixed by updating the comparison operator from '>' to '>=' in the get_rpi() function. Users should update their Linux kernel to versions 6.6.54, 6.10.13, or 6.11.2 or later, depending on their current kernel branch. The fix has been committed to the kernel source tree and is available in the latest stable releases (Kernel Patch).