CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/vm: move xa_alloc to prevent UAF

Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xa_alloc all the way to the end to prevent this.

v2:
- Rebase

(cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9)

Configurations

Configuration 1

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*

History

24 Oct 2024, 03:44

| Type | Values Removed | Values Added |
|---|---|---|
| References | https://git.kernel.org/stable/c/09cf8901fc0225898311b375cfcc67bae37ed5da - | https://git.kernel.org/stable/c/09cf8901fc0225898311b375cfcc67bae37ed5da - Patch |
| References | https://git.kernel.org/stable/c/74231870cf4976f69e83aa24f48edb16619f652f - | https://git.kernel.org/stable/c/74231870cf4976f69e83aa24f48edb16619f652f - Patch |
| First Time | | Linux linux Kernel; Linux |
| CVSS | v2 : unknown; v3 : unknown | v2 : unknown; v3 : 7.8 |
| CWE | | CWE-416 |
| CPE | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*; cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* |

23 Oct 2024, 15:13

Type Values Removed Values Added
Summary
  • (es) In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xa_alloc to prevent UAF A malicious user can guess the next id of the virtual machine before the ioctl completes and then call vm destroy ioctl to trigger the UAF, since create ioctl is still referencing the same virtual machine. Move xa_alloc all the way to the end to prevent this. v2: - Rebase (cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9)

21 Oct 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 18:15

Updated : 2024-10-24 03:44


NVD link : CVE-2024-49865

Mitre link : CVE-2024-49865

CVE.ORG link : CVE-2024-49865



Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free