{"id":"CVE-2024-43867","summary":"drm/nouveau: prime: fix refcount underflow","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix refcount underflow\n\nCalling nouveau_bo_ref() on a nouveau_bo without initializing it (and\nhence the backing ttm_bo) leads to a refcount underflow.\n\nInstead of calling nouveau_bo_ref() in the unwind path of\ndrm_gem_object_init(), clean things up manually.\n\n(cherry picked from commit 1b93f3e89d03cfc576636e195466a0d728ad8de5)","modified":"2026-05-18T05:58:58.052899981Z","published":"2024-08-20T23:50:50.429Z","related":["SUSE-SU-2024:3190-1","SUSE-SU-2024:3194-1","SUSE-SU-2024:3195-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3383-1","SUSE-SU-2024:3483-1","SUSE-SU-2025:20044-1","SUSE-SU-2025:20047-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43867.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/16998763c62bb465ebc409d0373b9cdcef1a61a6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2a1b327d57a8ac080977633a18999f032d7e9e3f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3bcb8bba72ce89667fa863054956267c450c47ef"},{"type":"WEB","url":"https://git.kernel.org/stable/c/906372e753c5027a1dc88743843b6aa2ad1aaecf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a9bf3efc33f1fbf88787a277f7349459283c9b95"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ebebba4d357b6c67f96776a48ddbaf0060fa4c10"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f23cd66933fe76b84d8e282e5606b4d99068c320"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/43xxx/CVE-2024-43867.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-43867"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ab9ccb96a6e6f95bcde6b8b2a524370efdbfdcd6"},{"fixed":"3bcb8bba72ce89667fa863054956267c450c47ef"},{"fixed":"906372e753c5027a1dc88743843b6aa2ad1aaecf"},{"fixed":"16998763c62bb465ebc409d0373b9cdcef1a61a6"},{"fixed":"ebebba4d357b6c67f96776a48ddbaf0060fa4c10"},{"fixed":"f23cd66933fe76b84d8e282e5606b4d99068c320"},{"fixed":"2a1b327d57a8ac080977633a18999f032d7e9e3f"},{"fixed":"a9bf3efc33f1fbf88787a277f7349459283c9b95"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43867.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.9.0"},{"fixed":"5.4.282"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.224"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.165"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.104"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.45"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.10.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-43867.json"}}],"schema_version":"1.7.5"}