vulnerability
Ubuntu: (Multiple Advisories) (CVE-2024-49570): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Feb 27, 2025 | May 21, 2025 | May 29, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Feb 27, 2025
Added
May 21, 2025
Modified
May 29, 2025
Description
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/tracing: Fix a potential TP_printk UAF
The commit
afd2627f727b ("tracing: Check "%s" dereference via the field and not the TP_printk format")
exposes potential UAFs in the xe_bo_move trace event.
Fix those by avoiding dereferencing the
xe_mem_type_to_name[] array at TP_printk time.
Since some code refactoring has taken place, explicit backporting may
be needed for kernels older than 6.10.
Solution(s)
ubuntu-upgrade-linux-image-6-11-0-1010-realtimeubuntu-upgrade-linux-image-6-11-0-1013-raspiubuntu-upgrade-linux-image-6-11-0-1014-awsubuntu-upgrade-linux-image-6-11-0-1014-lowlatencyubuntu-upgrade-linux-image-6-11-0-1014-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1015-azureubuntu-upgrade-linux-image-6-11-0-1015-azure-fdeubuntu-upgrade-linux-image-6-11-0-1015-gcpubuntu-upgrade-linux-image-6-11-0-1015-gcp-64kubuntu-upgrade-linux-image-6-11-0-1016-oracleubuntu-upgrade-linux-image-6-11-0-1016-oracle-64kubuntu-upgrade-linux-image-6-11-0-1022-oemubuntu-upgrade-linux-image-6-11-0-26-genericubuntu-upgrade-linux-image-6-11-0-26-generic-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04ubuntu-upgrade-linux-image-lowlatency-hwe-24-04ubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-24-04
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.