HomeDefault status
unaffected
647810ec247641eb5aec8caef818919a4518a0b1 (git) before 3342f066a8e1020a6f7d1fbd6b23bfdeda473eb5
affected
647810ec247641eb5aec8caef818919a4518a0b1 (git) before 444fa5b100e5c90550d6bccfe4476efb0391b3ca
affected
Default status
affected
6.10
affected
Any version before 6.10
unaffected
6.11.8 (semver)
unaffected
6.12 (original_commit_for_fix)
unaffected
Description
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Lock XArray when getting entries for the VM Similar to commit cac075706f29 ("drm/panthor: Fix race when converting group handle to group object") we need to use the XArray's internal locking when retrieving a vm pointer from there. v2: Removed part of the patch that was trying to protect fetching the heap pointer from XArray, as that operation is protected by the @pool->lock.
Product status
647810ec247641eb5aec8caef818919a4518a0b1 (git) before 3342f066a8e1020a6f7d1fbd6b23bfdeda473eb5
647810ec247641eb5aec8caef818919a4518a0b1 (git) before 444fa5b100e5c90550d6bccfe4476efb0391b3ca
6.10
Any version before 6.10
6.11.8 (semver)
6.12 (original_commit_for_fix)
References
git.kernel.org/...c/3342f066a8e1020a6f7d1fbd6b23bfdeda473eb5
git.kernel.org/...c/444fa5b100e5c90550d6bccfe4476efb0391b3ca
project-zero.issues.chromium.org/issues/377500597