// For flags

CVE-2024-26916

Revert "drm/amd: flush any delayed gfxoff on suspend entry"

Severity Score

"-"
*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

In the Linux kernel, the following vulnerability has been resolved:

Revert "drm/amd: flush any delayed gfxoff on suspend entry"

commit ab4750332dbe ("drm/amdgpu/sdma5.2: add begin/end_use ring
callbacks") caused GFXOFF control to be used more heavily and the
codepath that was removed from commit 0dee72639533 ("drm/amd: flush any
delayed gfxoff on suspend entry") now can be exercised at suspend again.

Users report that by using GNOME to suspend the lockscreen trigger will
cause SDMA traffic and the system can deadlock.

This reverts commit 0dee726395333fea833eaaf838bc80962df886c8.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Revertir "drm/amd: eliminar cualquier gfxoff retrasado al suspender la entrada" commit ab4750332dbe ("drm/amdgpu/sdma5.2: agregar devoluciones de llamada de anillo de inicio/fin de uso") provocó que el control de GFXOFF se utilizará más intensamente y la ruta de código que se eliminó del commit 0dee72639533 ("drm/amd: eliminar cualquier gfxoff retrasado al suspender la entrada") ahora se puede ejercer nuevamente en suspensión. Los usuarios informan que al usar GNOME para suspender el activador de la pantalla de bloqueo provocará tráfico SDMA y el sistema puede bloquearse. Esto revierte el commit 0dee726395333fea833eaaf838bc80962df886c8.

*Credits: N/A
CVSS Scores
Attack Vector
-
Attack Complexity
-
Privileges Required
-
User Interaction
-
Scope
-
Confidentiality
-
Integrity
-
Availability
-
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-02-19 CVE Reserved
  • 2024-04-17 CVE Published
  • 2024-04-18 EPSS Updated
  • 2024-12-19 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.15.144 < 5.15.149
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.144 < 5.15.149"
en
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.1.69 < 6.1.79
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.69 < 6.1.79"
en
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.6.8 < 6.6.18
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.8 < 6.6.18"
en
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.7 < 6.7.6
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.7.6"
en
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 6.7 < 6.8
Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.8"
en
Affected