CVE-2022-48849

drm/amdgpu: bypass tiling flag check in virtual display case (v2)

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: bypass tiling flag check in virtual display case (v2)

vkms leverages common amdgpu framebuffer creation, and
also as it does not support FB modifier, there is no need
to check tiling flags when initing framebuffer when virtual
display is enabled.

This can fix below calltrace:

amdgpu 0000:00:08.0: GFX9+ requires FB check based on format modifier
WARNING: CPU: 0 PID: 1023 at drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu]

v2: check adev->enable_virtual_display instead as vkms can be
enabled in bare metal as well.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: omite la verificación del indicador de mosaico en la vitrina virtual (v2) vkms aprovecha la creación de framebuffer amdgpu común y, además, como no admite el modificador FB, no es necesario verificar los indicadores de mosaico al iniciar framebuffer cuando la visualización virtual está habilitada. Esto se puede solucionar a continuación: amdgpu 0000:00:08.0: GFX9+ requiere verificación de FB según el modificador de formato ADVERTENCIA: CPU: 0 PID: 1023 en drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu] v2: marque adev->enable_virtual_display en su lugar, ya que vkms también se puede habilitar en bare metal.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-16 CVE Reserved
2024-07-16 CVE Published
2024-07-17 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/fcd1d79aa943fff4fbaa0cce1d576995a7960699	2022-03-16
https://git.kernel.org/stable/c/cb29021be49858059138f75d6311a7c35a9379b2	2022-03-16
https://git.kernel.org/stable/c/e2b993302f40c4eb714ecf896dd9e1c5be7d4cd7	2022-02-23

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.29 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.29"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.16.15 Search vendor "Linux" for product "Linux Kernel" and version " < 5.16.15"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.17 Search vendor "Linux" for product "Linux Kernel" and version " < 5.17"		en		Affected