SUSE CVE-2025-39811

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratchpt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xevmfreescratch by clearing any scratchpt error pointer. cherry picked from commit...

DEBIAN-CVE-2025-39811

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratchpt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xevmfreescratch by clearing any scratchpt error pointer. cherry picked from commit...

CVE-2025-39811

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratchpt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xevmfreescratch by clearing any scratchpt error pointer. cherry picked from commit...

CVE-2025-39811

In CVE-2025-39811, the Linux kernel fixes a local-denial of-service risk in the DRM subsystem (xe) by clearing the scratch_pt error pointer in xe_vm_free_scratch() to prevent dereferencing an error pointer during cleanup. Root cause: potential dereference of an error pointer on error cleanup. Aff...

UBUNTU-CVE-2025-38309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini, however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats...

SUSE CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...

CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...

DEBIAN-CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...

CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...

UBUNTU-CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xaalloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xaalloc all t...

CVE-2024-49865

CVE-2024-49865 affects the Linux kernel’s DRM XE VM code. The root cause is a use-after-free risk caused by the timing of allocating VM IDs with xa_alloc, which allowed an Evil user to guess the next VM id before vm destroy/ioctl completes, potentially exposing references to the same VM that is s...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue caused by a user competitively guessing the vm id in the drm/xe/vm subsystem...