CVE-2024-44979

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing workqueue destroy in xe_gt_pagefault On driver reload we never free up the memory for the pagefault and access counter workqueues. Add those destroy calls here. (cherry picked from commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/a6f78359ac75f24cac3c1bdd753c49c1877bcd82	Patch
https://git.kernel.org/stable/c/b09ef3b762a7fc641fb2f89afd3ebdb65b8ba1b9	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.11:rc4::::::

History

10 Oct 2024, 17:44

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/a6f78359ac75f24cac3c1bdd753c49c1877bcd82 -~~	() https://git.kernel.org/stable/c/a6f78359ac75f24cac3c1bdd753c49c1877bcd82 - Patch
References	~~() https://git.kernel.org/stable/c/b09ef3b762a7fc641fb2f89afd3ebdb65b8ba1b9 -~~	() https://git.kernel.org/stable/c/b09ef3b762a7fc641fb2f89afd3ebdb65b8ba1b9 - Patch
CPE		cpe:2.3:o:linux:linux_kernel:6.11:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.11:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.11:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.11:rc1:::::: cpe:2.3:o:linux:linux_kernel::::::::
CWE		CWE-401
First Time		Linux linux Kernel Linux

05 Sep 2024, 12:53

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Se corrige la falta de destrucción de la cola de trabajo en xe_gt_pagefault. Al recargar el controlador, nunca liberamos la memoria para las colas de trabajo del contador de acceso y de Pagefault. Agregue esas llamadas de destrucción aquí. (seleccionadas de el commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b)

04 Sep 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-04 20:15

Updated : 2024-10-10 17:44

NVD link : CVE-2024-44979

Mitre link : CVE-2024-44979

CVE.ORG link : CVE-2024-44979

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10