CVE-2024-42146
MEDIUM EPSS 9.5%
Published Jul 30, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Jul 30, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf Any kunit doing any memory access should get their own runtime_pm outer references since they don't use the standard driver API entries. In special this dma_buf from the same driver. Found by pre-merge CI on adding WARN calls for unprotected inner callers: <6> [318.639739] # xe_dma_buf_kunit: running xe_test_dmabuf_import_same_driver <4> [318.639957] ------------[ cut here ]------------ <4> [318.639967] xe 0000:4d:00.0: Missing outer runtime PM protection <4> [318.640049] WARNING: CPU: 117 PID: 3832 at drivers/gpu/drm/xe/xe_pm.c:533 xe_pm_runtime_get_noresume+0x48/0x60 [xe]
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
9.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥6.8 – <6.9.9 |
References 2
- git.kernel.org https://git.kernel.org/stable/c/0888d15ea45ba8ef4508edd1123ea5ad95b58994
- git.kernel.org https://git.kernel.org/stable/c/f9116f658a6217b101e3b4e89f845775b6fb05d9
Remediation
- git.kernel.org https://git.kernel.org/stable/c/0888d15ea45ba8ef4508edd1123ea5ad95b58994
- git.kernel.org https://git.kernel.org/stable/c/f9116f658a6217b101e3b4e89f845775b6fb05d9