fkie_cve-2025-37869
Vulnerability from fkie_nvd
Published
2025-05-09 07:16
Modified
2025-05-12 17:32
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use local fence in error path of xe_migrate_clear The intent of the error path in xe_migrate_clear is to wait on locally generated fence and then return. The code is waiting on m->fence which could be the local fence but this is only stable under the job mutex leading to a possible UAF. Fix code to wait on local fence. (cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/20659d3150f1a2a258a173fe011013178ff2a197
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/dc712938aa26b001f448d5e93f59d57fa80f2dbd
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use local fence in error path of xe_migrate_clear\n\nThe intent of the error path in xe_migrate_clear is to wait on locally\ngenerated fence and then return. The code is waiting on m-\u003efence which\ncould be the local fence but this is only stable under the job mutex\nleading to a possible UAF. Fix code to wait on local fence.\n\n(cherry picked from commit 762b7e95362170b3e13a8704f38d5e47eca4ba74)"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Uso de una valla local en la ruta de error de xe_migrate_clear. La ruta de error en xe_migrate_clear espera en la valla generada localmente y luego regresa. El c\u00f3digo espera en m-\u0026gt;fence, que podr\u00eda ser la valla local, pero esto solo es estable bajo el mutex de trabajo, lo que podr\u00eda provocar un UAF. Se corrige el c\u00f3digo para que espere en la valla local. (Seleccionado de la confirmaci\u00f3n 762b7e95362170b3e13a8704f38d5e47eca4ba74)"
    }
  ],
  "id": "CVE-2025-37869",
  "lastModified": "2025-05-12T17:32:32.760",
  "metrics": {},
  "published": "2025-05-09T07:16:07.997",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/20659d3150f1a2a258a173fe011013178ff2a197"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2ac5f466f62892a7d1ac2d1a3eb6cd14efbe2f2d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/dc712938aa26b001f448d5e93f59d57fa80f2dbd"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.