CVE-2024-50149
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50149
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50149.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50149
- Downstream
- Related
- Published
- 2024-11-07T09:31:25Z
- Modified
- 2025-10-17T15:56:47.734331Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- drm/xe: Don't free job in TDR
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Don't free job in TDR
Freeing job in TDR is not safe as TDR can pass the run_job thread resulting in UAF. It is only safe for free job to naturally be called by the scheduler. Rather free job in TDR, add to pending list.
(cherry picked from commit ea2f6a77d0c40d97f4a4dc93fee4afe15d94926d)
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede275d61c5f3ffc250b2a9601d36fbd11b4db774bFixedbe8fe75e57f8fa3f87e3b1c283cc7cd9f9b80867
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede275d61c5f3ffc250b2a9601d36fbd11b4db774bFixed82926f52d7a09c65d916c0ef8d4305fc95d68c0c
Affected versions
v6.*
v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.8
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7