CVE-2024-49989
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: fix double free issue during amdgpu module unload
Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be freed. Otherwise, a double free issue may occur when unloading the amdgpu module.
[ 279.190523] RIP: 0010:__slab_free+0x152/0x2f0 [ 279.190577] Call Trace: [ 279.190580] <TASK> [ 279.190582] ? show_regs+0x69/0x80 [ 279.190590] ? die+0x3b/0x90 [ 279.190595] ? do_trap+0xc8/0xe0 [ 279.190601] ? do_error_trap+0x73/0xa0 [ 279.190605] ? __slab_free+0x152/0x2f0 [ 279.190609] ? exc_invalid_op+0x56/0x70 [ 279.190616] ? __slab_free+0x152/0x2f0 [ 279.190642] ? asm_exc_invalid_op+0x1f/0x30 [ 279.190648] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu] [ 279.191096] ? __slab_free+0x152/0x2f0 [ 279.191102] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu] [ 279.191469] kfree+0x260/0x2b0 [ 279.191474] dcn10_link_encoder_destroy+0x19/0x30 [amdgpu] [ 279.191821] link_destroy+0xd7/0x130 [amdgpu] [ 279.192248] dc_destruct+0x90/0x270 [amdgpu] [ 279.192666] dc_destroy+0x19/0x40 [amdgpu] [ 279.193020] amdgpu_dm_fini+0x16e/0x200 [amdgpu] [ 279.193432] dm_hw_fini+0x26/0x40 [amdgpu] [ 279.193795] amdgpu_device_fini_hw+0x24c/0x400 [amdgpu] [ 279.194108] amdgpu_driver_unload_kms+0x4f/0x70 [amdgpu] [ 279.194436] amdgpu_pci_remove+0x40/0x80 [amdgpu] [ 279.194632] pci_device_remove+0x3a/0xa0 [ 279.194638] device_remove+0x40/0x70 [ 279.194642] device_release_driver_internal+0x1ad/0x210 [ 279.194647] driver_detach+0x4e/0xa0 [ 279.194650] bus_remove_driver+0x6f/0xf0 [ 279.194653] driver_unregister+0x33/0x60 [ 279.194657] pci_unregister_driver+0x44/0x90 [ 279.194662] amdgpu_exit+0x19/0x1f0 [amdgpu] [ 279.194939] __do_sys_delete_module.isra.0+0x198/0x2f0 [ 279.194946] __x64_sys_delete_module+0x16/0x20 [ 279.194950] do_syscall_64+0x58/0x120 [ 279.194954] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ 279.194980] </TASK>
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 43c296870740a3a264cdca9f18db12e12e9cfbdb | affected |
| Linux | Linux | 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < df948b5ba6858d5da34f622d408e5517057cec07 | affected |
| Linux | Linux | 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < cf6f3ebd6312d465fee096d1f58089b177c7c67f | affected |
| Linux | Linux | 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 7af9e6fa63dbd43a61d4ecc8f59426596a75e507 | affected |
| Linux | Linux | 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 3c0ff4de45ce2c5f7997a1ffa6eefee4b79e6b58 | affected |
| Linux | Linux | 4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c < 20b5a8f9f4670a8503aa9fa95ca632e77c6bf55d | affected |
| Linux | Linux | 4.15 | affected |
| Linux | Linux | 0 < 4.15 | unaffected |
| Linux | Linux | 5.15.181 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.129 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.55 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.14 <= 6.10.* | unaffected |
| Linux | Linux | 6.11.3 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/43c296870740a3a264cdca9f18db12e12e9cfbdb
- https://git.kernel.org/stable/c/df948b5ba6858d5da34f622d408e5517057cec07
- https://git.kernel.org/stable/c/cf6f3ebd6312d465fee096d1f58089b177c7c67f
- https://git.kernel.org/stable/c/7af9e6fa63dbd43a61d4ecc8f59426596a75e507
- https://git.kernel.org/stable/c/3c0ff4de45ce2c5f7997a1ffa6eefee4b79e6b58
- https://git.kernel.org/stable/c/20b5a8f9f4670a8503aa9fa95ca632e77c6bf55d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.