CVE-2024-53086
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published: Nov 19, 2024
Updated: Nov 27, 2024
CWE ID 667
Summary
CVE-2024-53086 is a vulnerability affecting the Linux kernel. It involves a flaw in the drm/xe driver, specifically in the handling of VM dma-resv locks during exec IOCTL operations. When a failure occurs in xe_sync_in_fence_get, all locks should be dropped before returning to the user. However, this was not being done properly, potentially leading to security vulnerabilities. This issue has been addressed in commit 7d1a4258e602ffdce529f56686925034c1b3b095.
Affected Products
- Linux Kernel
Affected Vendors
- LINUX