We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-53098

drm/xe/ufence: Prefetch ufence addr to catch bogus address



Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address access_ok() only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. (cherry picked from commit 9408c4508483ffc60811e910a93d6425b8e63928)

Reserved 2024-11-19 | Published 2024-11-25 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

dd08ebf6c3525a7ea2186e636df064ea47281987 before 5d623ffbae96b23f1fc43a3d5a267aabdb07583d
affected

dd08ebf6c3525a7ea2186e636df064ea47281987 before 9c1813b3253480b30604c680026c7dc721ce86d1
affected

Default status
affected

6.8
affected

Any version before 6.8
unaffected

6.11.9
unaffected

6.12
unaffected

References

git.kernel.org/...c/5d623ffbae96b23f1fc43a3d5a267aabdb07583d

git.kernel.org/...c/9c1813b3253480b30604c680026c7dc721ce86d1

cve.org (CVE-2024-53098)

nvd.nist.gov (CVE-2024-53098)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-53098

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.