CVE-2024-46837
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/panthor: Restrict high priorities on group_create
We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service.
We now only allow the DRM master or users with the CAP_SYS_NICE capability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM.
As the sole user of that uAPI lives in Mesa and hardcode a value of MEDIUM [1], this should be safe to do.
Additionally, as those checks are performed at the ioctl level, panthor_group_create now only check for priority level validity.
[1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | de85488138247d034eb3241840424a54d660926b < 33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a | affected |
| Linux | Linux | de85488138247d034eb3241840424a54d660926b < 5f7762042f8a5377bd8a32844db353c0311a7369 | affected |
| Linux | Linux | 6.10 | affected |
| Linux | Linux | 0 < 6.10 | unaffected |
| Linux | Linux | 6.10.10 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a
- https://git.kernel.org/stable/c/5f7762042f8a5377bd8a32844db353c0311a7369
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.