cve/2024/CVE-2024-50134.md

### [CVE-2024-50134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50134)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.13%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=dd55d44f408419278c00887bfcb2261d0caae350%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLAReplace the fake VLA at end of the vbva_mouse_pointer_shape shape witha real VLA to fix a "memcpy: detected field-spanning write error" warning:[   13.319813] memcpy: detected field-spanning write (size 16896) of single field "p->data" at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 (size 4)[   13.319841] WARNING: CPU: 0 PID: 1105 at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 hgsmi_update_pointer_shape+0x192/0x1c0 [vboxvideo][   13.320038] Call Trace:[   13.320173]  hgsmi_update_pointer_shape [vboxvideo][   13.320184]  vbox_cursor_atomic_update [vboxvideo]Note as mentioned in the added comment it seems the original lengthcalculation for the allocated and send hgsmi buffer is 4 bytes too large.Changing this is not the goal of this patch, so this behavior is kept.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/w4zu/Debian_security