CVE-2024-53098 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/ufence: Prefetch ufence addr to catch bogus address access_ok() only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. (cherry picked from commit 9408c4508483ffc60811e910a93d6425b8e63928)

PUBLISHED Reserved 2024-11-19 | Published 2024-11-25 | Updated 2025-10-01 | Assigner Linux

Product status

Default status

unaffected

dd08ebf6c3525a7ea2186e636df064ea47281987 (git) before 5d623ffbae96b23f1fc43a3d5a267aabdb07583d

affected

dd08ebf6c3525a7ea2186e636df064ea47281987 (git) before 9c1813b3253480b30604c680026c7dc721ce86d1

affected

Default status

affected

6.8

affected

Any version before 6.8

unaffected

6.11.9 (semver)

unaffected

6.12 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/5d623ffbae96b23f1fc43a3d5a267aabdb07583d

git.kernel.org/...c/9c1813b3253480b30604c680026c7dc721ce86d1

cve.org (CVE-2024-53098)

nvd.nist.gov (CVE-2024-53098)

Download JSON

help @ threatint.eu