Mark Janes

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The vulnerability is related to the `drm/i915/gem` module in the Linux kernel. It occurs because `i915 perf` assumes it can use the `i915 gem context` reference to protect its `i915->gem.contexts.list` iteration. However, this requires that the context is not removed from the list until after the final reference is dropped and the struct is released. If the context is removed from the list during `context close()`, the `link.next` pointer may be poisoned while holding the context reference, causing a general protection fault (GPF). The issue is triggered when `i915 perf open ioctl` is called, and it attempts to filter on a specific context ID. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.