CVE-2024-49570

HIGH

Linux Kernel 6.11-6.12.15, 6.13.0-6.13.3 - Use-After-Free in xe_bo_move Trace Event

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event. Fix those by avoiding dereferencing the xe_mem_type_to_name[] array at TP_printk time. Since some code refactoring has taken place, explicit backporting may be needed for kernels older than 6.10.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/62cd174616ae3bf8a6cf468718f1ae74e5a07727

Patch

https://git.kernel.org/stable/c/c9402da34611e1039ecccba3c1481c4866f7ca64

Patch

https://git.kernel.org/stable/c/07089083a526ea19daa72a1edf9d6e209615b77c

Scores

CVSS v3 7.8

EPSS 0.0021

EPSS Percentile 10.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-416

Status published

Products (11)

linux/Kernel 6.11.0 - 6.12.16linux

linux/Kernel 6.13.0 - 6.13.4linux

Linux/Linux < 6.11

Linux/Linux 6.11

Linux/Linux 6.12.16 - 6.12.*

Linux/Linux 6.13.4 - 6.13.*

Linux/Linux 6.14

Linux/Linux e46d3f813abd2383881c66d21ba04cee9fbdf3a9 - 07089083a526ea19daa72a1edf9d6e209615b77c

Linux/Linux e46d3f813abd2383881c66d21ba04cee9fbdf3a9 - 62cd174616ae3bf8a6cf468718f1ae74e5a07727

Linux/Linux e46d3f813abd2383881c66d21ba04cee9fbdf3a9 - c9402da34611e1039ecccba3c1481c4866f7ca64

... and 1 more

Published Feb 27, 2025

Tracked Since Feb 18, 2026