CVE-2024-37026

low-risk

Published 2024-06-24

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines with user jobs. This can deadlock as the migrate exec queue is required to service page faults. Avoid deadlock by only using reserved BCS instances for usm migrate exec queue. (cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (2)

Linux Kernel

Affected Vendors

Linux

References (4)

Patch https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c

Patch https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c

Patch https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c

Patch https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 7/34 · Low