CVE-2024-49942

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0-rc7-xe

Description: A null pointer dereference issue has been identified in the Linux kernel, specifically in the xe migrate copy function. This function is designed to copy the content of TTM resources. When the source resource is null, it triggers a null pointer dereference in xe migrate copy. To avoid this situation, the lacks source flag is updated to true, which triggers xe migrate clear instead of xe migrate copy. The issue is related to the xe migrate copy function and the ttm bo handle move mem function.

Recommendations: To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider disabling the xe migrate copy function until a patch is available. Restrict access to the vulnerable ttm bo handle move mem function to minimize the risk of exploitation. Avoid using the lacks source flag in the affected xe migrate copy function until the issue is resolved.