ГлавнаяУязвимости → CVE-2024-49570
7.8высокая

CVE-2024-49570

→ есть в БДУ: BDU:2025-03893 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TP_printk UAF The commit afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format") exposes potential UAFs in the xe_bo_move trace event. Fix those by avoiding dereferencing the xe_mem_type_to_name[] array at TP_printk time. Since some code refactoring has taken place, explicit backporting may be needed for kernels older than 6.10.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/07089083a526ea19daa72a1edf9d6e209615b77chttps://git.kernel.org/stable/c/62cd174616ae3bf8a6cf468718f1ae74e5a07727https://git.kernel.org/stable/c/c9402da34611e1039ecccba3c1481c4866f7ca64