CVE-2024-53087

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix possible exec queue leak in exec IOCTL In a couple of places after an exec queue is looked up the exec IOCTL returns on input errors without dropping the exec queue ref. Fix this ensuring the exec queue ref is dropped on input error. (cherry picked from commit 07064a200b40ac2195cb6b7b779897d9377e5e6f)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2f92b77a8ce043fbda2664d9be4b66bdc57f67b7	Patch
https://git.kernel.org/stable/c/af797b831d8975cb4610f396dcb7f03f4b9908e7	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc6::::::

History

27 Nov 2024, 20:08

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/2f92b77a8ce043fbda2664d9be4b66bdc57f67b7 -~~	() https://git.kernel.org/stable/c/2f92b77a8ce043fbda2664d9be4b66bdc57f67b7 - Patch
References	~~() https://git.kernel.org/stable/c/af797b831d8975cb4610f396dcb7f03f4b9908e7 -~~	() https://git.kernel.org/stable/c/af797b831d8975cb4610f396dcb7f03f4b9908e7 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-401
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.12:rc6::::::
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Se corrige una posible pérdida de cola de ejecución en la IOCTL de ejecución. En un par de lugares, después de que se busca una cola de ejecución, la IOCTL de ejecución devuelve errores de entrada sin descartar la referencia de la cola de ejecución. Se soluciona este problema asegurándose de descartar la referencia de la cola de ejecución en caso de error de entrada. (seleccionado de el commit 07064a200b40ac2195cb6b7b779897d9377e5e6f)
First Time		Linux linux Kernel Linux

19 Nov 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-19 18:15

Updated : 2024-11-27 20:08

NVD link : CVE-2024-53087

Mitre link : CVE-2024-53087

CVE.ORG link : CVE-2024-53087

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10