CVE-2024-27008

In the Linux kernel, the following vulnerability has been resolved:

drm: nv04: Fix out of bounds access

When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) is used as index there. The 'or' argument of fabricate_dcb_output() must be interpreted as a number of bit to set, not value.

Utilize macros from 'enum nouveau_or' in calls instead of hardcoding.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Published: May 1, 2024
Updated: Nov 5, 2025
CVE: CVE-2024-27008
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	6.9-rc3	6.9-rc3.x
linux / linux_kernel	6.9-rc4	6.9-rc4.x
linux / linux_kernel	6.7	6.8.8
linux / linux_kernel	6.9-rc1	6.9-rc1.x
linux / linux_kernel	6.9-rc2	6.9-rc2.x
linux / linux_kernel	5.16	6.1.88
linux / linux_kernel	6.2	6.6.29
debian / debian_linux	10.0	10.0.x
linux / linux_kernel	2.6.38	4.19.313
linux / linux_kernel	4.20	5.4.275
linux / linux_kernel	5.5	5.10.216
linux / linux_kernel	5.11	5.15.157
fedoraproject / fedora	38	38.x
fedoraproject / fedora	39	39.x
fedoraproject / fedora	40	40.x

Vulnerability Database

309,775

CVE-2024-27008

Deep Security Visibility Without the Complexity