Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xa_alloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xa_alloc all the way to the end to prevent this. v2: - Rebase (cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9)

INFO

Published Date :

2024-10-21T18:01:08.620Z

Last Modified :

2025-05-04T09:39:52.060Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-49865 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-49865.

URL Resource
https://git.kernel.org/stable/c/09cf8901fc0225898311b375cfcc67bae37ed5da cve-icon cve-icon
https://git.kernel.org/stable/c/74231870cf4976f69e83aa24f48edb16619f652f cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024102113-CVE-2024-49865-ae89@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-49865 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-49865 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact