Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2024-49862 | Mondoo Vulnerability Intelligence

CVE-2024-49862

HIGH7.1

powercap: intel_rapl: Fix off by one in get_rpi()

Published Oct 21, 2024

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

powercap: intel_rapl: Fix off by one in get_rpi()

The rp->priv->rpi array is either rpi_msr or rpi_tpmi which have NR_RAPL_PRIMITIVES number of elements. Thus the > needs to be >= to prevent an off by one access.

References

WEBhttps://git.kernel.org/stable/c/288cbc505e2046638c615c36357cb78bc9fee1e0 WEBhttps://git.kernel.org/stable/c/6a34f3b0d7f11fb6ed72da315fd2360abd9c0737 WEBhttps://git.kernel.org/stable/c/851e7f7f14a15f4e47b7d0f70d5c4a2b95b824d6 WEBhttps://git.kernel.org/stable/c/95f6580352a7225e619551febb83595bcb77ab17 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-49862

CVSS Analysis

CVSS v3.1

7.1

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

HighA:H

7.1/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Ecosystems

Timeline

PublishedOct 21, 2024

ModifiedMay 4, 2025