ghsa-cx3g-3hc8-q9x4
Vulnerability from github
Published
2025-01-15 15:31
Modified
2025-01-15 15:31
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Fix fault on fd close after unbind

If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drm_dev_enter()/drm_dev_exit(). This fixes the following page fault:

<6> [IGT] xe_wedged: exiting, ret=98 <1> BUG: unable to handle page fault for address: ffffc901bc5e508c <1> #PF: supervisor read access in kernel mode <1> #PF: error_code(0x0000) - not-present page ... <4> xe_lrc_update_timestamp+0x1c/0xd0 [xe] <4> xe_exec_queue_update_run_ticks+0x50/0xb0 [xe] <4> xe_exec_queue_fini+0x16/0xb0 [xe] <4> __guc_exec_queue_fini_async+0xc4/0x190 [xe] <4> guc_exec_queue_fini_async+0xa0/0xe0 [xe] <4> guc_exec_queue_fini+0x23/0x40 [xe] <4> xe_exec_queue_destroy+0xb3/0xf0 [xe] <4> xe_file_close+0xd4/0x1a0 [xe] <4> drm_file_free+0x210/0x280 [drm] <4> drm_close_helper.isra.0+0x6d/0x80 [drm] <4> drm_release_noglobal+0x20/0x90 [drm]

(cherry picked from commit 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-57844"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-15T13:15:12Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix fault on fd close after unbind\n\nIf userspace holds an fd open, unbinds the device and then closes it,\nthe driver shouldn\u0027t try to access the hardware. Protect it by using\ndrm_dev_enter()/drm_dev_exit(). This fixes the following page fault:\n\n\u003c6\u003e [IGT] xe_wedged: exiting, ret=98\n\u003c1\u003e BUG: unable to handle page fault for address: ffffc901bc5e508c\n\u003c1\u003e #PF: supervisor read access in kernel mode\n\u003c1\u003e #PF: error_code(0x0000) - not-present page\n...\n\u003c4\u003e   xe_lrc_update_timestamp+0x1c/0xd0 [xe]\n\u003c4\u003e   xe_exec_queue_update_run_ticks+0x50/0xb0 [xe]\n\u003c4\u003e   xe_exec_queue_fini+0x16/0xb0 [xe]\n\u003c4\u003e   __guc_exec_queue_fini_async+0xc4/0x190 [xe]\n\u003c4\u003e   guc_exec_queue_fini_async+0xa0/0xe0 [xe]\n\u003c4\u003e   guc_exec_queue_fini+0x23/0x40 [xe]\n\u003c4\u003e   xe_exec_queue_destroy+0xb3/0xf0 [xe]\n\u003c4\u003e   xe_file_close+0xd4/0x1a0 [xe]\n\u003c4\u003e   drm_file_free+0x210/0x280 [drm]\n\u003c4\u003e   drm_close_helper.isra.0+0x6d/0x80 [drm]\n\u003c4\u003e   drm_release_noglobal+0x20/0x90 [drm]\n\n(cherry picked from commit 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)",
  "id": "GHSA-cx3g-3hc8-q9x4",
  "modified": "2025-01-15T15:31:24Z",
  "published": "2025-01-15T15:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57844"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/924d43bd10a1f6723ac5181a6e6cc2196ba98cdd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fe39b222a4139354d32ff9d46b88757f63f71d63"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.