CVE-2024-42146

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf

Any kunit doing any memory access should get their own runtime_pm outer references since they don't use the standard driver API entries. In special this dma_buf from the same driver.

Found by pre-merge CI on adding WARN calls for unprotected inner callers:

<6> [318.639739] # xe_dma_buf_kunit: running xe_test_dmabuf_import_same_driver <4> [318.639957] ————[ cut here ]———— <4> [318.639967] xe 0000:4d:00.0: Missing outer runtime PM protection <4> [318.640049] WARNING: CPU: 117 PID: 3832 at drivers/gpu/drm/xe/xe_pm.c:533 xe_pm_runtime_get_noresume+0x48/0x60 [xe]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxdd08ebf6c3525a7ea2186e636df064ea47281987 < 0888d15ea45ba8ef4508edd1123ea5ad95b58994affected
LinuxLinuxdd08ebf6c3525a7ea2186e636df064ea47281987 < f9116f658a6217b101e3b4e89f845775b6fb05d9affected
LinuxLinux6.8affected
LinuxLinux0 < 6.8unaffected
LinuxLinux6.9.9 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References