In the Linux kernel, the following vulnerability has been resolved:
drm/panthor: Fix race when converting group handle to group object
XArray provides it's own internal lock which protects the internal array
when entries are being simultaneously added and removed. However there
is still a race between retrieving the pointer from the XArray and
incrementing the reference count.
To avoid this race simply hold the internal XArray lock when
incrementing the reference count, this ensures there cannot be a racing
call to xa_erase().
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-362 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
|
Metrics |
cvssV3_1
|
cvssV3_1
|
Fri, 22 Nov 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Fri, 08 Nov 2024 05:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However there is still a race between retrieving the pointer from the XArray and incrementing the reference count. To avoid this race simply hold the internal XArray lock when incrementing the reference count, this ensures there cannot be a racing call to xa_erase(). | |
Title | drm/panthor: Fix race when converting group handle to group object | |
References |
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-11-08T05:23:56.752Z
Updated: 2024-12-19T09:34:39.117Z
Reserved: 2024-10-21T19:36:19.963Z
Link: CVE-2024-50174
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-11-08T06:15:14.923
Modified: 2024-11-27T20:20:53.467
Link: CVE-2024-50174
Redhat