Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2024/09/27 2:43 p.m.12 views

CVE-2024-46866

A vulnerability in the Linux kernel's drm/xe/client driver was resolved. This issue was resolved by adding the missing buffer object BO locking in the showmeminfo function. Inspecting the BO state without this lock led to a NULL pointer dereference NPD or use-after-free UAF issues due to concurre...

5.5CVSS5.4AI score0.00044EPSS
Exploits0References4
NVD
NVDadded 2024/09/27 1:15 p.m.14 views

CVE-2024-46866

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in showmeminfo bomeminfo wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab...

5.5CVSS0.00044EPSS
Exploits0References2
NVD
NVDadded 2024/09/27 1:15 p.m.16 views

CVE-2024-46867

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in showmeminfo There is a real deadlock as well as sleeping in atomic bug in here, if the bo put happens to be the last ref, since bo destruction wants to grab the same spinlock and sleeping locks. Fix...

5.5CVSS0.00067EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/09/27 12:42 p.m.20 views

CVE-2024-46867 drm/xe/client: fix deadlock in show_meminfo()

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in showmeminfo There is a real deadlock as well as sleeping in atomic bug in here, if the bo put happens to be the last ref, since bo destruction wants to grab the same spinlock and sleeping locks. Fix...

0.00067EPSS
Exploits0References2
CVE
CVEadded 2024/09/27 12:42 p.m.125 views

CVE-2024-46867

In CVE-2024-46867, the Linux kernel component drm/xe/client exhibited a deadlock and an atomic sleep issue in show_meminfo when the bo (buffer object) being destroyed had the last reference. The root cause was the destruction path attempting to grab the same spinlock, risking a sleep in atomic co...

5.5CVSS5.2AI score0.00067EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2024/09/27 12:42 p.m.137 views

CVE-2024-46866

CVE-2024-46866 is a Linux kernel DRM-XE issue: bo_meminfo() can inspect bo state (tt/ttm) without holding the bo lock, allowing state changes that may cause NPD or UAF. The fix grabs the bo lock during bo_meminfo() and adds a ref for object_idr; v2 also introduces xe_bo_assert_held(). Concrete de...

5.5CVSS5.1AI score0.00044EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2024/09/27 12:42 p.m.10 views

CVE-2024-46866 drm/xe/client: add missing bo locking in show_meminfo()

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in showmeminfo bomeminfo wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab...

5.5CVSS6.1AI score0.00044EPSS
Exploits0References5
Rows per page
Query Builder