CVE-2024-53087

EPSS 0.04%
Veröffentlicht 19.11.2024 18:15:27
Zuletzt bearbeitet 01.10.2025 21:16:28
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Fix possible exec queue leak in exec IOCTL

In a couple of places after an exec queue is looked up the exec IOCTL
returns on input errors without dropping the exec queue ref. Fix this
ensuring the exec queue ref is dropped on input error.

(cherry picked from commit 07064a200b40ac2195cb6b7b779897d9377e5e6f)

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8 < 6.11.8

Linux ≫ Linux Kernel Version6.12 Updaterc1

Linux ≫ Linux Kernel Version6.12 Updaterc2

Linux ≫ Linux Kernel Version6.12 Updaterc3

Linux ≫ Linux Kernel Version6.12 Updaterc4

Linux ≫ Linux Kernel Version6.12 Updaterc5

Linux ≫ Linux Kernel Version6.12 Updaterc6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://git.kernel.org/stable/c/2f92b77a8ce043fbda2664d9be4b66bdc57f67b7

Patch

https://git.kernel.org/stable/c/af797b831d8975cb4610f396dcb7f03f4b9908e7

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-53087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-53087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-53087

EUVD