CVE-2024-50031: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50031 affects the Linux kernel's DRM (Direct Rendering Manager) V3D driver. The vulnerability was discovered when running kmscube with performance monitors enabled via GALLIUM_HUD. The issue was disclosed in October 2024 and affects Linux kernel versions from 5.15 up to versions before 6.11.4 (NVD).

The vulnerability occurs because when closing a file descriptor (which happens when interrupting kmscube), the active performance monitor is not stopped. Although all perfmons are destroyed in v3d_perfmon_close_file(), the active performance monitor's pointer (v3d->active_perfmon) remains. If kmscube is run again, the driver attempts to stop the active performance monitor using the stale pointer, which is no longer valid as the previous process has terminated. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can lead to a kernel panic, causing a denial of service condition. This is demonstrated by the occurrence of an 'Unable to handle kernel paging request' error and subsequent system crash (Kernel Patch).

The vulnerability has been patched by explicitly stopping the active performance monitor before destroying and freeing it when it belongs to a given process. The fix has been implemented in the Linux kernel through a series of patches. Users should update their systems to the patched versions: Linux kernel 5.15.168, 6.1.113, 6.6.57, or 6.11.4 and later (NVD).