CVE-2024-46896
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: don't access invalid sched
Since 2320c9e6a768 ("drm/sched: memset() 'job' in drm_sched_job_init()") accessing job->base.sched can produce unexpected results as the initialisation of (*job)->base.sched done in amdgpu_job_alloc is overwritten by the memset.
This commit fixes an issue when a CS would fail validation and would be rejected after job->num_ibs is incremented. In this case, amdgpu_ib_free(ring->adev, …) will be called, which would crash the machine because the ring value is bogus.
To fix this, pass a NULL pointer to amdgpu_ib_free(): we can do this because the device is actually not used in this function.
The next commit will remove the ring argument completely.
(cherry picked from commit 2ae520cb12831d264ceb97c61f72c59d33c0dbd7)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 166df51487f46b6e997dfeea7ca0c2a970853f07 < 65501a4fd84ecdc0af863dbb37759242aab9f2dd | affected |
| Linux | Linux | 87210234e5a273ebf9c4110a6aa82b8221478daa < da6b2c626ae73c303378ce9eaf6e3eaf16c9925a | affected |
| Linux | Linux | 2da108b4b5fb7ec04d7e951418ed80e97f7c35ad < 67291d601f2b032062b1b2f60ffef1b63e10094c | affected |
| Linux | Linux | 2320c9e6a768d135c7b0039995182bb1a4e4fd22 < a93b1020eb9386d7da11608477121b10079c076a | affected |
| Linux | Linux | 6.1.120 < 6.1.122 | affected |
| Linux | Linux | 6.6.66 < 6.6.68 | affected |
| Linux | Linux | 6.12.5 < 6.12.7 | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/65501a4fd84ecdc0af863dbb37759242aab9f2dd
- https://git.kernel.org/stable/c/da6b2c626ae73c303378ce9eaf6e3eaf16c9925a
- https://git.kernel.org/stable/c/67291d601f2b032062b1b2f60ffef1b63e10094c
- https://git.kernel.org/stable/c/a93b1020eb9386d7da11608477121b10079c076a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.