In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Free job before xe_exec_queue_put
Free job depends on job->vm being valid, the last xe_exec_queue_put can
destroy the VM. Prevent UAF by freeing job before xe_exec_queue_put.
(cherry picked from commit 32a42c93b74c8ca6d0915ea3eba21bceff53042f)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-hwe-6.8 | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-intel | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-lowlatency | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-lowlatency-hwe-6.8 | < any | UNKNOWN |
git.kernel.org/linus/9e7f30563677fbeff62d368d5d2a5ac7aaa9746a (6.11-rc5)
git.kernel.org/stable/c/98aa0330f200b9b8fb9e1298e006eda57a13351c
git.kernel.org/stable/c/9e7f30563677fbeff62d368d5d2a5ac7aaa9746a
launchpad.net/bugs/cve/CVE-2024-44978
nvd.nist.gov/vuln/detail/CVE-2024-44978
security-tracker.debian.org/tracker/CVE-2024-44978
www.cve.org/CVERecord?id=CVE-2024-44978