CVSS: -EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26647 – drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()'
https://notcve.org/view.php?id=CVE-2024-26647
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); before the 'dsc' NULL pointer check. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/dc/link/link_dpms.c:905 link_set_dsc_pps_packet() warn: variable dereferenced before check 'dsc' (see line 903) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: se corrigió la verificación de desrefrence tardía 'dsc' en 'link_set_dsc_pps_packet()'. En link_set_dsc_pps_packet(), se eliminó la referencia a 'struct display_stream_compressor *dsc' en un DC_LOGGER_INIT(dsc- >ctx->registrador); antes de la verificación del puntero NULL 'dsc'. Corrige lo siguiente: drivers/gpu/drm/amd/amdgpu/../display/dc/link/link_dpms.c:905 link_set_dsc_pps_packet() advertencia: variable desreferenciada antes de verificar 'dsc' (consulte la línea 903) • https://git.kernel.org/stable/c/6aa5ede6665122f4c8abce3c6eba06b49e54d25c https://git.kernel.org/stable/c/cf656fc7276e5b3709a81bc9d9639459be2b2647 https://git.kernel.org/stable/c/3bb9b1f958c3d986ed90a3ff009f1e77e9553207 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-26646 – thermal: intel: hfi: Add syscore callbacks for system-wide PM
https://notcve.org/view.php?id=CVE-2024-26646
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remains constant throughout runtime. When resuming from hibernation, the restore kernel allocates a second memory buffer and reprograms the HFI hardware with the new location as part of a normal boot. The location of the second memory buffer may differ from the one allocated by the image kernel. When the restore kernel transfers control to the image kernel, its HFI buffer becomes invalid, potentially leading to memory corruption if the hardware writes to it (the hardware continues to use the buffer from the restore kernel). It is also possible that the hardware "forgets" the address of the memory buffer when resuming from "deep" suspend. Memory corruption may also occur in such a scenario. To prevent the described memory corruption, disable HFI when preparing to suspend or hibernate. Enable it when resuming. Add syscore callbacks to handle the package of the boot CPU (packages of non-boot CPUs are handled via CPU offline). • https://git.kernel.org/stable/c/28f010dc50df0f7987c04112114fcfa7e0803566 https://git.kernel.org/stable/c/019ccc66d56a696a4dfee3bfa2f04d0a7c3d89ee https://git.kernel.org/stable/c/c9d6d63b6c03afaa6f185df249af693a7939577c https://git.kernel.org/stable/c/97566d09fd02d2ab329774bb89a2cdf2267e86d9 •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52625 – drm/amd/display: Refactor DMCUB enter/exit idle interface
https://notcve.org/view.php?id=CVE-2023-52625
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't powered on. [How] We need to exit out of the idle state prior to sending a command, but the process that performs the exit also invokes a command itself. Fixing this issue involves the following: 1. Using a software state to track whether or not we need to start the process to exit idle or notify idle. It's possible for the hardware to have exited an idle state without driver knowledge, but entering one is always restricted to a driver allow - which makes the SW state vs HW state mismatch issue purely one of optimization, which should seldomly be hit, if at all. 2. Refactor any instances of exit/notify idle to use a single wrapper that maintains this SW state. This works simialr to dc_allow_idle_optimizations, but works at the DMCUB level and makes sure the state is marked prior to any notify/exit idle so we don't enter an infinite loop. 3. Make sure we exit out of idle prior to sending any commands or waiting for DMCUB idle. This patch takes care of 1/2. A future patch will take care of wrapping DMCUB command submission with calls to this new interface. • https://git.kernel.org/stable/c/820c3870c491946a78950cdf961bf40e28c1025f https://git.kernel.org/stable/c/8e57c06bf4b0f51a4d6958e15e1a99c9520d00fa •
CVSS: -EPSS: 0%CPEs: 2EXPL: 0CVE-2023-52624 – drm/amd/display: Wake DMCUB before executing GPINT commands
https://notcve.org/view.php?id=CVE-2023-52624
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW through the GPINT mailbox resulting in a system hang. [How] Add dc_wake_and_execute_gpint() to wrap the wake, execute, sleep sequence. If the GPINT executes successfully then DMCUB will be put back into sleep after the optional response is returned. It functions similar to the inbox command interface. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Activa DMCUB antes de ejecutar comandos GPINT [Por qué] DMCUB puede estar inactivo cuando intentamos interactuar con el HW a través del buzón GPINT, lo que provoca un bloqueo del sistema. [Cómo] Agregue dc_wake_and_execute_gpint() para ajustar la secuencia de activación, ejecución y suspensión. Si GPINT se ejecuta correctamente, DMCUB volverá a entrar en modo de suspensión después de que se devuelva la respuesta opcional. Funciona de manera similar a la interfaz de comando de la bandeja de entrada. • https://git.kernel.org/stable/c/2ef98c6d753a744e333b7e34b9cf687040fba57d https://git.kernel.org/stable/c/e5ffd1263dd5b44929c676171802e7b6af483f21 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52623 – SUNRPC: Fix a suspicious RCU usage warning
https://notcve.org/view.php?id=CVE-2023-52623
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspicious RCU usage [ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted [ 57.202525] ----------------------------- [ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!! [ 57.202527] other info that might help us debug this: [ 57.202528] rcu_scheduler_active = 2, debug_locks = 1 [ 57.202529] no locks held by test5/3567. [ 57.202530] stack backtrace: [ 57.202532] CPU: 0 PID: 3567 Comm: test5 Not tainted 6.7.0-rc3-g2cc14f52aeb7 #41492 5b09971b4965c0aceba19f3eea324a4a806e227e [ 57.202534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022 [ 57.202536] Call Trace: [ 57.202537] <TASK> [ 57.202540] dump_stack_lvl+0x77/0xb0 [ 57.202551] lockdep_rcu_suspicious+0x154/0x1a0 [ 57.202556] rpc_xprt_switch_has_addr+0x17c/0x190 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202596] rpc_clnt_setup_test_and_add_xprt+0x50/0x180 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202621] ? rpc_clnt_add_xprt+0x254/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202646] rpc_clnt_add_xprt+0x27a/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202671] ? __pfx_rpc_clnt_setup_test_and_add_xprt+0x10/0x10 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202696] nfs4_pnfs_ds_connect+0x345/0x760 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202728] ? __pfx_nfs4_test_session_trunk+0x10/0x10 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202754] nfs4_fl_prepare_ds+0x75/0xc0 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a] [ 57.202760] filelayout_write_pagelist+0x4a/0x200 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a] [ 57.202765] pnfs_generic_pg_writepages+0xbe/0x230 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202788] __nfs_pageio_add_request+0x3fd/0x520 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202813] nfs_pageio_add_request+0x18b/0x390 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202831] nfs_do_writepage+0x116/0x1e0 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202849] nfs_writepages_callback+0x13/0x30 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202866] write_cache_pages+0x265/0x450 [ 57.202870] ? • https://git.kernel.org/stable/c/fece80a2a6718ed58487ce397285bb1b83a3e54e https://git.kernel.org/stable/c/7a96d85bf196c170dcf1b47a82e9bb97cca69aa6 https://git.kernel.org/stable/c/c430e6bb43955c6bf573665fcebf31694925b9f7 https://git.kernel.org/stable/c/f8cf4dabbdcb8bef85335b0ed7ad5b25fd82ff56 https://git.kernel.org/stable/c/e8ca3e73301e23e8c0ac0ce2e6bac4545cd776e0 https://git.kernel.org/stable/c/69c7eeb4f622c2a28da965f970f982db171f3dc6 https://git.kernel.org/stable/c/8f860c8407470baff2beb9982ad6b172c94f1d0a https://git.kernel.org/stable/c/31b62908693c90d4d07db597e685d9f25 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •