CVE-2024-42127
Vulnerability from cvelistv5
Published
2024-07-30 07:46
Modified
2024-12-19 09:13
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/lima: fix shared irq handling on driver remove lima uses a shared interrupt, so the interrupt handlers must be prepared to be called at any time. At driver removal time, the clocks are disabled early and the interrupts stay registered until the very end of the remove process due to the devm usage. This is potentially a bug as the interrupts access device registers which assumes clocks are enabled. A crash can be triggered by removing the driver in a kernel with CONFIG_DEBUG_SHIRQ enabled. This patch frees the interrupts at each lima device finishing callback so that the handlers are already unregistered by the time we fully disable clocks.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/04d531b9a1875846d4f89953b469ad463aa7a770
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0a487e977cb8897ae4c51ecd34bbaa2b005266c9
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0d60c43df59ef01c08dc7b0c45495178f9d05a13
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/17fe8b75aaf0bb1bdc31368963446b421c22d0af
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a6683c690bbfd1f371510cb051e8fa49507f3f5e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b5daf9217a50636a969bc1965f827878aeb09ffe
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/04d531b9a1875846d4f89953b469ad463aa7a770
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/0a487e977cb8897ae4c51ecd34bbaa2b005266c9
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/0d60c43df59ef01c08dc7b0c45495178f9d05a13
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/17fe8b75aaf0bb1bdc31368963446b421c22d0af
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/a6683c690bbfd1f371510cb051e8fa49507f3f5e
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/b5daf9217a50636a969bc1965f827878aeb09ffe
Impacted products
Vendor Product Version
Linux Linux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.183Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0d60c43df59ef01c08dc7b0c45495178f9d05a13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/17fe8b75aaf0bb1bdc31368963446b421c22d0af"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0a487e977cb8897ae4c51ecd34bbaa2b005266c9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/04d531b9a1875846d4f89953b469ad463aa7a770"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b5daf9217a50636a969bc1965f827878aeb09ffe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a6683c690bbfd1f371510cb051e8fa49507f3f5e"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-42127",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:16:38.392074Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:04.418Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/lima/lima_gp.c",
            "drivers/gpu/drm/lima/lima_mmu.c",
            "drivers/gpu/drm/lima/lima_pp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "0d60c43df59ef01c08dc7b0c45495178f9d05a13",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "17fe8b75aaf0bb1bdc31368963446b421c22d0af",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "0a487e977cb8897ae4c51ecd34bbaa2b005266c9",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "04d531b9a1875846d4f89953b469ad463aa7a770",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "b5daf9217a50636a969bc1965f827878aeb09ffe",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "a6683c690bbfd1f371510cb051e8fa49507f3f5e",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/lima/lima_gp.c",
            "drivers/gpu/drm/lima/lima_mmu.c",
            "drivers/gpu/drm/lima/lima_pp.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.280",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.222",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.163",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.98",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.39",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.9.*",
              "status": "unaffected",
              "version": "6.9.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.10",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/lima: fix shared irq handling on driver remove\n\nlima uses a shared interrupt, so the interrupt handlers must be prepared\nto be called at any time. At driver removal time, the clocks are\ndisabled early and the interrupts stay registered until the very end of\nthe remove process due to the devm usage.\nThis is potentially a bug as the interrupts access device registers\nwhich assumes clocks are enabled. A crash can be triggered by removing\nthe driver in a kernel with CONFIG_DEBUG_SHIRQ enabled.\nThis patch frees the interrupts at each lima device finishing callback\nso that the handlers are already unregistered by the time we fully\ndisable clocks."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T09:13:38.833Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/0d60c43df59ef01c08dc7b0c45495178f9d05a13"
        },
        {
          "url": "https://git.kernel.org/stable/c/25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8"
        },
        {
          "url": "https://git.kernel.org/stable/c/17fe8b75aaf0bb1bdc31368963446b421c22d0af"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a487e977cb8897ae4c51ecd34bbaa2b005266c9"
        },
        {
          "url": "https://git.kernel.org/stable/c/04d531b9a1875846d4f89953b469ad463aa7a770"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5daf9217a50636a969bc1965f827878aeb09ffe"
        },
        {
          "url": "https://git.kernel.org/stable/c/a6683c690bbfd1f371510cb051e8fa49507f3f5e"
        }
      ],
      "title": "drm/lima: fix shared irq handling on driver remove",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-42127",
    "datePublished": "2024-07-30T07:46:24.070Z",
    "dateReserved": "2024-07-29T15:50:41.184Z",
    "dateUpdated": "2024-12-19T09:13:38.833Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-42127\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-30T08:15:04.820\",\"lastModified\":\"2024-11-21T09:33:39.563\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/lima: fix shared irq handling on driver remove\\n\\nlima uses a shared interrupt, so the interrupt handlers must be prepared\\nto be called at any time. At driver removal time, the clocks are\\ndisabled early and the interrupts stay registered until the very end of\\nthe remove process due to the devm usage.\\nThis is potentially a bug as the interrupts access device registers\\nwhich assumes clocks are enabled. A crash can be triggered by removing\\nthe driver in a kernel with CONFIG_DEBUG_SHIRQ enabled.\\nThis patch frees the interrupts at each lima device finishing callback\\nso that the handlers are already unregistered by the time we fully\\ndisable clocks.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/lima: arregla el manejo de irq compartido en el controlador elimina lima usa una interrupci\u00f3n compartida, por lo que los controladores de interrupciones deben estar preparados para ser llamados en cualquier momento. En el momento de la eliminaci\u00f3n del controlador, los relojes se desactivan antes de tiempo y las interrupciones permanecen registradas hasta el final del proceso de eliminaci\u00f3n debido al uso del devm. Esto es potencialmente un error ya que las interrupciones acceden a los registros del dispositivo, lo que supone que los relojes est\u00e1n habilitados. Se puede provocar un bloqueo eliminando el controlador en un kernel con CONFIG_DEBUG_SHIRQ habilitado. Este parche libera las interrupciones en cada dispositivo Lima que finaliza la devoluci\u00f3n de llamada para que los controladores ya est\u00e9n dados de baja cuando deshabilitemos completamente los relojes.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/04d531b9a1875846d4f89953b469ad463aa7a770\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0a487e977cb8897ae4c51ecd34bbaa2b005266c9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0d60c43df59ef01c08dc7b0c45495178f9d05a13\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/17fe8b75aaf0bb1bdc31368963446b421c22d0af\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a6683c690bbfd1f371510cb051e8fa49507f3f5e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b5daf9217a50636a969bc1965f827878aeb09ffe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/04d531b9a1875846d4f89953b469ad463aa7a770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/0a487e977cb8897ae4c51ecd34bbaa2b005266c9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/0d60c43df59ef01c08dc7b0c45495178f9d05a13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/17fe8b75aaf0bb1bdc31368963446b421c22d0af\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/25d0d9b83d855cbc5d5aa5ae3cd79d55ea0c84a8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/a6683c690bbfd1f371510cb051e8fa49507f3f5e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/b5daf9217a50636a969bc1965f827878aeb09ffe\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.