CVE-2024-41024

{"id": "CVE-2024-41024", "cveTags": [], "metrics": {}, "published": "2024-07-29T15:15:11.270", "references": [{"url": "https://git.kernel.org/stable/c/5e305b5986dc52122a9368a1461f0c13e1de3fd6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bab2f5e8fd5d2f759db26b78d9db57412888f187", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c69fd8afacebfdf2f8a1ee1ea7e0723786529874", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Restrict untrusted app to attach to privileged PD\n\nUntrusted application with access to only non-secure fastrpc device\nnode can attach to root_pd or static PDs if it can make the respective\ninit request. This can cause problems as the untrusted application\ncan send bad requests to root_pd or static PDs. Add changes to reject\nattach to privileged PDs if the request is being made using non-secure\nfastrpc device node."}], "lastModified": "2024-07-29T16:21:52.517", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}