cve/2024/CVE-2024-39497.md

### [CVE-2024-39497](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39497)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2194a63a818db71065ebe09c8104f5f021ca4e7b%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)Lack of check for copy-on-write (COW) mapping in drm_gem_shmem_mmapallows users to call mmap with PROT_WRITE and MAP_PRIVATE flagcausing a kernel panic due to BUG_ON in vmf_insert_pfn_prot:BUG_ON((vma->vm_flags & VM_PFNMAP) && is_cow_mapping(vma->vm_flags));Return -EINVAL early if COW mapping is detected.This bug affects all drm drivers using default shmem helpers.It can be reproduced by this simple example:void *ptr = mmap(0, size, PROT_WRITE, MAP_PRIVATE, fd, mmap_offset);ptr[0] = 0;

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-39497](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39497)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2194a63a818db71065ebe09c8104f5f021ca4e7b%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5.2%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)`

			`### Description`

			In the Linux kernel, the following vulnerability has been resolved:drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)Lack of check for copy-on-write (COW) mapping in drm_gem_shmem_mmapallows users to call mmap with PROT_WRITE and MAP_PRIVATE flagcausing a kernel panic due to BUG_ON in vmf_insert_pfn_prot:BUG_ON((vma->vm_flags & VM_PFNMAP) && is_cow_mapping(vma->vm_flags));Return -EINVAL early if COW mapping is detected.This bug affects all drm drivers using default shmem helpers.It can be reproduced by this simple example:void *ptr = mmap(0, size, PROT_WRITE, MAP_PRIVATE, fd, mmap_offset);ptr[0] = 0;

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/w4zu/Debian_security`