CVE-2025-37869
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Use local fence in error path of xe_migrate_clear
The intent of the error path in xe_migrate_clear is to wait on locally generated fence and then return. The code is waiting on m->fence which could be the local fence but this is only stable under the job mutex leading to a possible UAF. Fix code to wait on local fence.
(cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | dd08ebf6c3525a7ea2186e636df064ea47281987 < 2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d | affected |
| Linux | Linux | dd08ebf6c3525a7ea2186e636df064ea47281987 < dc712938aa26b001f448d5e93f59d57fa80f2dbd | affected |
| Linux | Linux | dd08ebf6c3525a7ea2186e636df064ea47281987 < 20659d3150f1a2a258a173fe011013178ff2a197 | affected |
| Linux | Linux | 6.8 | affected |
| Linux | Linux | 0 < 6.8 | unaffected |
| Linux | Linux | 6.12.25 <= 6.12.* | unaffected |
| Linux | Linux | 6.14.4 <= 6.14.* | unaffected |
| Linux | Linux | 6.15 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d
- https://git.kernel.org/stable/c/dc712938aa26b001f448d5e93f59d57fa80f2dbd
- https://git.kernel.org/stable/c/20659d3150f1a2a258a173fe011013178ff2a197
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.