CVE-2024-53087

MEDIUM

Linux Kernel 6.8-6.11.7 - Use-After-Free in drm/xe Exec Queue Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix possible exec queue leak in exec IOCTL In a couple of places after an exec queue is looked up the exec IOCTL returns on input errors without dropping the exec queue ref. Fix this ensuring the exec queue ref is dropped on input error. (cherry picked from commit 07064a200b40ac2195cb6b7b779897d9377e5e6f)

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/2f92b77a8ce043fbda2664d9be4b66bdc57f67b7

Patch

https://git.kernel.org/stable/c/af797b831d8975cb4610f396dcb7f03f4b9908e7

Scores

CVSS v3 5.5

EPSS 0.0019

EPSS Percentile 8.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (9)

linux/Kernel 6.8.0 - 6.11.8linux

Linux/Linux < 6.8

Linux/Linux 6.11.8 - 6.11.*

Linux/Linux 6.12

Linux/Linux 6.8

Linux/Linux dd08ebf6c3525a7ea2186e636df064ea47281987 - 2f92b77a8ce043fbda2664d9be4b66bdc57f67b7

Linux/Linux dd08ebf6c3525a7ea2186e636df064ea47281987 - af797b831d8975cb4610f396dcb7f03f4b9908e7

linux/linux_kernel 6.12 rc1 (6 CPE variants)

linux/linux_kernel 6.8 - 6.11.8

Published Nov 19, 2024

Tracked Since Feb 18, 2026