CVE-2024-49992: 
CBL Mariner vulnerability analysis and mitigation

CVE-2024-49992 affects the Linux kernel's DRM/STM driver, specifically involving use-after-free issues with CRTC and plane components. The vulnerability was discovered by the Linux Verification Center (linuxtesting.org) and was disclosed in October 2024. The issue occurs in the ltdc_load() function which incorrectly calls drm_crtc_init_with_planes(), drm_universal_plane_init(), and drm_encoder_init() with parameters allocated using devm_kzalloc() (Kernel Git).

The vulnerability stems from improper memory management in the DRM/STM driver. The ltdc_load() function uses devm_kzalloc() for allocating memory for various DRM components, but these allocations should instead be managed by the DRM framework to prevent use-after-free issues. The issue has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could lead to use-after-free conditions in the Linux kernel's DRM subsystem, potentially resulting in system crashes, memory corruption, or privilege escalation. This affects various Linux kernel versions up to 6.1.113, from 6.2 to 6.6.55, from 6.7 to 6.10.14, and from 6.11 to 6.11.3 (NVD).

The issue has been fixed by replacing devm_kzalloc() allocations with DRM framework-managed allocations using functions like drmm_kzalloc() and drmm_universal_plane_alloc(). The fix has been implemented in various kernel versions, and users are advised to update to patched versions. Multiple Linux distributions have released updates addressing this vulnerability (Kernel Git).