CVE-2024-50187: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50187 affects the Linux kernel's DRM (Direct Rendering Manager) VC4 driver. The vulnerability was discovered when it was found that upon closing a file descriptor, the active performance monitor is not properly stopped, leading to potential issues with stale pointers. This vulnerability affects Linux kernel versions from 4.17 up to (excluding) 6.1.113, 6.2 up to (excluding) 6.6.57, and 6.7 up to (excluding) 6.11.4 (NVD).

The vulnerability exists in the performance monitor handling of the VC4 driver. When a file descriptor is closed, although all performance monitors are destroyed in vc4_perfmon_close_file(), the active performance monitor's pointer (vc4->active_perfmon) remains. If a new file descriptor is opened and jobs with performance monitors are submitted, the driver attempts to stop the active performance monitor using this stale pointer. The CVSS v3.1 base score is 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a system crash or potential memory corruption when the driver attempts to use an invalid pointer to stop a previously destroyed performance monitor. This occurs because the pointer is no longer valid after the previous process has terminated and its associated performance monitors have been destroyed and freed (Kernel Patch).

The vulnerability has been patched in the Linux kernel. The fix involves explicitly stopping the active performance monitor before destroying and freeing it when it belongs to a process that is being terminated. The patch has been backported to affected stable kernel versions (Kernel Patch).