CVE-2024-49570
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/tracing: Fix a potential TP_printk UAF
The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event.
Fix those by avoiding dereferencing the xe_mem_type_to_name[] array at TP_printk time.
Since some code refactoring has taken place, explicit backporting may be needed for kernels older than 6.10.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | e46d3f813abd2383881c66d21ba04cee9fbdf3a9 < 62cd174616ae3bf8a6cf468718f1ae74e5a07727 | affected |
| Linux | Linux | e46d3f813abd2383881c66d21ba04cee9fbdf3a9 < c9402da34611e1039ecccba3c1481c4866f7ca64 | affected |
| Linux | Linux | e46d3f813abd2383881c66d21ba04cee9fbdf3a9 < 07089083a526ea19daa72a1edf9d6e209615b77c | affected |
| Linux | Linux | 6.11 | affected |
| Linux | Linux | 0 < 6.11 | unaffected |
| Linux | Linux | 6.12.16 <= 6.12.* | unaffected |
| Linux | Linux | 6.13.4 <= 6.13.* | unaffected |
| Linux | Linux | 6.14 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/62cd174616ae3bf8a6cf468718f1ae74e5a07727
- https://git.kernel.org/stable/c/c9402da34611e1039ecccba3c1481c4866f7ca64
- https://git.kernel.org/stable/c/07089083a526ea19daa72a1edf9d6e209615b77c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.