CVE-2025-39740

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/migrate: prevent potential UAF

If we hit the error path, the previous fence (if there is one) has already been put() prior to this, so doing a fence_wait could lead to UAF. Tweak the flow to do to the put() until after we do the wait.

(cherry picked from commit 9b7ca35ed28fe5fad86e9d9c24ebd1271e4c9c3e)

Affected Software

VendorProductVersion RangeStatus
LinuxLinux270172f64b114451876c1b68912653e72ab99f38 < 7e46fa64a4b94208563c3a5bf1d7f4346f94abeaaffected
LinuxLinux270172f64b114451876c1b68912653e72ab99f38 < 145832fbdd17b1d77ffd6cdd1642259e101d1b7eaffected
LinuxLinux6.16affected
LinuxLinux0 < 6.16unaffected
LinuxLinux6.16.2 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References