CVE-2024-46866

UNKNOWN 0.0

drm/xe/client: add missing bo locking in show_meminfo()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in show_meminfo() bo_meminfo() wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab the bo lock when calling bo_meminfo(), ensuring we drop any spinlocks first. In the case of object_idr we now also need to hold a ref. v2 (MattB) - Also add xe_bo_assert_held() (cherry picked from commit 4f63d712fa104c3ebefcb289d1e733e86d8698c7)

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Sep 27, 2024
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

0845233388f8a26d00acf9bf230cfd4f36aa4c30 < abc8feacacf8fae10eecf6fea7865e8c1fee419c 0845233388f8a26d00acf9bf230cfd4f36aa4c30 < 94c4aa266111262c96c98f822d1bccc494786fee

Linux / Linux

6.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/abc8feacacf8fae10eecf6fea7865e8c1fee419c git.kernel.org: https://git.kernel.org/stable/c/94c4aa266111262c96c98f822d1bccc494786fee