CVE-2024-50174
Vulnerability from cvelistv5
Published
2024-11-08 05:23
Modified
2024-11-08 05:23
Severity ?
EPSS score ?
Summary
drm/panthor: Fix race when converting group handle to group object
References
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/panthor/panthor_sched.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8a585d553c11",
"status": "affected",
"version": "de8548813824",
"versionType": "git"
},
{
"lessThan": "44742138d151",
"status": "affected",
"version": "de8548813824",
"versionType": "git"
},
{
"lessThan": "cac075706f29",
"status": "affected",
"version": "de8548813824",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/panthor/panthor_sched.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.10"
},
{
"lessThan": "6.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"version": "6.10.14",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12-rc2",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix race when converting group handle to group object\n\nXArray provides it\u0027s own internal lock which protects the internal array\nwhen entries are being simultaneously added and removed. However there\nis still a race between retrieving the pointer from the XArray and\nincrementing the reference count.\n\nTo avoid this race simply hold the internal XArray lock when\nincrementing the reference count, this ensures there cannot be a racing\ncall to xa_erase()."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T05:23:56.752Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8a585d553c11965332d7a2d74e79ef92a42bfc87"
},
{
"url": "https://git.kernel.org/stable/c/44742138d151c3a945460ae7beff8ae45ac0bf58"
},
{
"url": "https://git.kernel.org/stable/c/cac075706f298948898b1f63e81709df42afa75d"
}
],
"title": "drm/panthor: Fix race when converting group handle to group object",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-50174",
"datePublished": "2024-11-08T05:23:56.752Z",
"dateReserved": "2024-10-21T19:36:19.963Z",
"dateUpdated": "2024-11-08T05:23:56.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-50174\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-08T06:15:14.923\",\"lastModified\":\"2024-11-08T19:01:03.880\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/panthor: Fix race when converting group handle to group object\\n\\nXArray provides it\u0027s own internal lock which protects the internal array\\nwhen entries are being simultaneously added and removed. However there\\nis still a race between retrieving the pointer from the XArray and\\nincrementing the reference count.\\n\\nTo avoid this race simply hold the internal XArray lock when\\nincrementing the reference count, this ensures there cannot be a racing\\ncall to xa_erase().\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panthor: Se corrige la ejecuci\u00f3n al convertir el identificador de grupo en un objeto de grupo XArray proporciona su propio bloqueo interno que protege la matriz interna cuando se agregan y eliminan entradas simult\u00e1neamente. Sin embargo, todav\u00eda hay una ejecuci\u00f3n entre recuperar el puntero de XArray e incrementar el recuento de referencias. Para evitar esta ejecuci\u00f3n, simplemente mantenga el bloqueo interno de XArray al incrementar el recuento de referencias, esto garantiza que no pueda haber una llamada de ejecuci\u00f3n a xa_erase().\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/44742138d151c3a945460ae7beff8ae45ac0bf58\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8a585d553c11965332d7a2d74e79ef92a42bfc87\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/cac075706f298948898b1f63e81709df42afa75d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.