Security tracker / CVE-2024-50226

CVE-2024-50226

cxl/port: Fix use-after-free, permit out-of-order decoder shutdown

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 176baefb2eb5 ("cxl/hdm: Commit decoder state to hardware").
 carnil> Vulnerable versions: 6.0-rc1.

Bugs

Status

Branch	Status
upstream	released (6.12-rc6) [101c268bd2f37e965a5468353e62d154db38838e]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.11-upstream-stable	released (6.11.7) [78c8454fdce0eeee962be004eb6d99860c80dad1]
6.6-upstream-stable	released (6.6.60) [8e1b52c15c81106456437f8e49575040e489e355]
6.1-upstream-stable	needed
5.10-upstream-stable	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.11.7-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	needed
5.10-bullseye-security	N/A "Vulnerable code not present"