CVE-2024-50144
drm/xe: fix unbalanced rpm put() with fence_fini()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: fix unbalanced rpm put() with fence_fini()
Currently we can call fence_fini() twice if something goes wrong when
sending the GuC CT for the tlb request, since we signal the fence and
return an error, leading to the caller also calling fini() on the error
path in the case of stack version of the flow, which leads to an extra
rpm put() which might later cause device to enter suspend when it
shouldn't. It looks like we can just drop the fini() call since the
fence signaller side will already call this for us.
There are known mysterious splats with device going to sleep even with
an rpm ref, and this could be one candidate.
v2 (Matt B):
- Prefer warning if we detect double fini()
(cherry picked from commit cfcbc0520d5055825f0647ab922b655688605183)
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: corregir rpm put() desequilibrado con fence_fini() Actualmente podemos llamar a fence_fini() dos veces si algo sale mal al enviar el GuC CT para la solicitud tlb, ya que señalamos a fence y devolvemos un error, lo que lleva a que el llamador también llame a fini() en la ruta de error en el caso de la versión de pila del flujo, lo que lleva a un rpm put() adicional que más tarde podría hacer que el dispositivo entre en suspensión cuando no debería. Parece que podemos simplemente descartar la llamada a fini() ya que el lado del señalizador de fence ya lo llamará por nosotros. Hay splats misteriosos conocidos con el dispositivo entrando en suspensión incluso con una referencia rpm, y este podría ser un candidato. v2 (Matt B): - Preferimos advertencia si detectamos fini() doble (seleccionado de el commit cfcbc0520d5055825f0647ab922b655688605183)
CVSS Scores
SSVC
- Decision:-
Timeline
- 2024-10-21 CVE Reserved
- 2024-11-07 CVE Published
- 2024-11-07 CVE Updated
- ---------- EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/f002702290fccbd473f5bb94e52f25c96917fff2 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://git.kernel.org/stable/c/046bd018c0123b1a49c22abed5f9ea31d1454c78 | 2024-11-01 | |
https://git.kernel.org/stable/c/03a86c24aea0920a1ca20a0d7771d5e176db538d | 2024-10-16 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.11 < 6.11.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.11 < 6.11.6" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.11 < 6.12-rc4 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.11 < 6.12-rc4" | en |
Affected
|