CVE-2024-49570

HIGH7.8

drm/xe/tracing: Fix a potential TP_printk UAF

Published Feb 27, 2025

Modified 8 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe/tracing: Fix a potential TP_printk UAF

The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event.

Fix those by avoiding dereferencing the xe_mem_type_to_name[] array at TP_printk time.

Since some code refactoring has taken place, explicit backporting may be needed for kernels older than 6.10.

References

WEBhttps://git.kernel.org/stable/c/07089083a526ea19daa72a1edf9d6e209615b77c WEBhttps://git.kernel.org/stable/c/62cd174616ae3bf8a6cf468718f1ae74e5a07727 WEBhttps://git.kernel.org/stable/c/c9402da34611e1039ecccba3c1481c4866f7ca64 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2024-49570

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ecosystems

Timeline

PublishedFeb 27, 2025

ModifiedMay 4, 2025

CVE-2024-49570 | Mondoo Vulnerability Intelligence