In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Don't free job in TDR
Freeing job in TDR is not safe as TDR can pass the run_job thread
resulting in UAF. It is only safe for free job to naturally be called by
the scheduler. Rather free job in TDR, add to pending list.
(cherry picked from commit ea2f6a77d0c40d97f4a4dc93fee4afe15d94926d)
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 15:45
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux linux Kernel
Linux |
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* |
|
References | () https://git.kernel.org/stable/c/82926f52d7a09c65d916c0ef8d4305fc95d68c0c - Patch | |
References | () https://git.kernel.org/stable/c/be8fe75e57f8fa3f87e3b1c283cc7cd9f9b80867 - Patch | |
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
08 Nov 2024, 19:01
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 Nov 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-07 10:15
Updated : 2024-12-11 15:15
NVD link : CVE-2024-50149
Mitre link : CVE-2024-50149
CVE.ORG link : CVE-2024-50149
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free