CVE-2024-53116
Vulnerability from cvelistv5
Published
2024-12-02 13:44
Modified
2024-12-02 13:44
Severity ?
EPSS score ?
Summary
drm/panthor: Fix handling of partial GPU mapping of BOs
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/panthor/panthor_mmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d3e61af64b77",
"status": "affected",
"version": "647810ec2476",
"versionType": "git"
},
{
"lessThan": "3387e043918e",
"status": "affected",
"version": "647810ec2476",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/panthor/panthor_mmu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.10"
},
{
"lessThan": "6.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix handling of partial GPU mapping of BOs\n\nThis commit fixes the bug in the handling of partial mapping of the\nbuffer objects to the GPU, which caused kernel warnings.\n\nPanthor didn\u0027t correctly handle the case where the partial mapping\nspanned multiple scatterlists and the mapping offset didn\u0027t point\nto the 1st page of starting scatterlist. The offset variable was\nnot cleared after reaching the starting scatterlist.\n\nFollowing warning messages were seen.\nWARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0\n\u003csnip\u003e\npc : __arm_lpae_unmap+0x254/0x5a0\nlr : __arm_lpae_unmap+0x2cc/0x5a0\n\u003csnip\u003e\nCall trace:\n __arm_lpae_unmap+0x254/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n arm_lpae_unmap_pages+0x80/0xa0\n panthor_vm_unmap_pages+0xac/0x1c8 [panthor]\n panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor]\n op_unmap_cb.isra.23.constprop.30+0x54/0x80\n __drm_gpuvm_sm_unmap+0x184/0x1c8\n drm_gpuvm_sm_unmap+0x40/0x60\n panthor_vm_exec_op+0xa8/0x120 [panthor]\n panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor]\n panthor_ioctl_vm_bind+0x10c/0x170 [panthor]\n drm_ioctl_kernel+0xbc/0x138\n drm_ioctl+0x210/0x4b0\n __arm64_sys_ioctl+0xb0/0xf8\n invoke_syscall+0x4c/0x110\n el0_svc_common.constprop.1+0x98/0xf8\n do_el0_svc+0x24/0x38\n el0_svc+0x34/0xc8\n el0t_64_sync_handler+0xa0/0xc8\n el0t_64_sync+0x174/0x178\n\u003csnip\u003e\npanthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount)\nWARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n\u003csnip\u003e\npc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\nlr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n\u003csnip\u003e\npanthor : [drm] *ERROR* failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000)"
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T13:44:47.958Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d3e61af64b770e0038470c81f42bd1d0598f6bcc"
},
{
"url": "https://git.kernel.org/stable/c/3387e043918e154ca08d83954966a8b087fe2835"
}
],
"title": "drm/panthor: Fix handling of partial GPU mapping of BOs",
"x_generator": {
"engine": "bippy-8e903de6a542"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53116",
"datePublished": "2024-12-02T13:44:47.958Z",
"dateReserved": "2024-11-19T17:17:24.993Z",
"dateUpdated": "2024-12-02T13:44:47.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-53116\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-02T14:15:12.373\",\"lastModified\":\"2024-12-11T20:34:11.147\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/panthor: Fix handling of partial GPU mapping of BOs\\n\\nThis commit fixes the bug in the handling of partial mapping of the\\nbuffer objects to the GPU, which caused kernel warnings.\\n\\nPanthor didn\u0027t correctly handle the case where the partial mapping\\nspanned multiple scatterlists and the mapping offset didn\u0027t point\\nto the 1st page of starting scatterlist. The offset variable was\\nnot cleared after reaching the starting scatterlist.\\n\\nFollowing warning messages were seen.\\nWARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0\\n\u003csnip\u003e\\npc : __arm_lpae_unmap+0x254/0x5a0\\nlr : __arm_lpae_unmap+0x2cc/0x5a0\\n\u003csnip\u003e\\nCall trace:\\n __arm_lpae_unmap+0x254/0x5a0\\n __arm_lpae_unmap+0x108/0x5a0\\n __arm_lpae_unmap+0x108/0x5a0\\n __arm_lpae_unmap+0x108/0x5a0\\n arm_lpae_unmap_pages+0x80/0xa0\\n panthor_vm_unmap_pages+0xac/0x1c8 [panthor]\\n panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor]\\n op_unmap_cb.isra.23.constprop.30+0x54/0x80\\n __drm_gpuvm_sm_unmap+0x184/0x1c8\\n drm_gpuvm_sm_unmap+0x40/0x60\\n panthor_vm_exec_op+0xa8/0x120 [panthor]\\n panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor]\\n panthor_ioctl_vm_bind+0x10c/0x170 [panthor]\\n drm_ioctl_kernel+0xbc/0x138\\n drm_ioctl+0x210/0x4b0\\n __arm64_sys_ioctl+0xb0/0xf8\\n invoke_syscall+0x4c/0x110\\n el0_svc_common.constprop.1+0x98/0xf8\\n do_el0_svc+0x24/0x38\\n el0_svc+0x34/0xc8\\n el0t_64_sync_handler+0xa0/0xc8\\n el0t_64_sync+0x174/0x178\\n\u003csnip\u003e\\npanthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount)\\nWARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\\n\u003csnip\u003e\\npc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\\nlr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\\n\u003csnip\u003e\\npanthor : [drm] *ERROR* failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000)\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panthor: Corregir el manejo del mapeo parcial de la GPU de los BO. Esta confirmaci\u00f3n corrige el error en el manejo del mapeo parcial de los objetos del b\u00fafer a la GPU, que causaba advertencias del kernel. Panthor no manejaba correctamente el caso en el que el mapeo parcial abarcaba m\u00faltiples listas de dispersi\u00f3n y el desplazamiento del mapeo no apuntaba a la primera p\u00e1gina de la lista de dispersi\u00f3n inicial. La variable de desplazamiento no se borraba despu\u00e9s de alcanzar la lista de dispersi\u00f3n inicial. Se vieron los siguientes mensajes de advertencia. ADVERTENCIA: CPU: 1 PID: 650 en drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0 pc : __arm_lpae_unmap+0x254/0x5a0 lr : __arm_lpae_unmap+0x2cc/0x5a0 Rastreo de llamadas: __arm_lpae_unmap+0x254/0x5a0 __arm_lpae_unmap+0x108/0x5a0 __arm_lpae_unmap+0x108/0x5a0 __arm_lpae_unmap+0x108/0x5a0 arm_lpae_unmap_pages+0x80/0xa0 panthor_vm_unmap_pages+0xac/0x1c8 [panthor] panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor] op_unmap_cb.isra.23.constprop.30+0x54/0x80 __drm_gpuvm_sm_unmap+0x184/0x1c8 drm_gpuvm_sm_unmap+0x40/0x60 panthor_vm_exec_op+0xa8/0x120 [panthor] panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor] panthor_ioctl_vm_bind+0x10c/0x170 [panthor] drm_ioctl_kernel+0xbc/0x138 drm_ioctl+0x210/0x4b0 __arm64_sys_ioctl+0xb0/0xf8 invocar_syscall+0x4c/0x110 el0_svc_common.constprop.1+0x98/0xf8 do_el0_svc+0x24/0x38 el0_svc+0x34/0xc8 el0t_64_sync_handler+0xa0/0xc8 el0t_64_sync+0x174/0x178 panthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount) ADVERTENCIA: CPU: 1 PID: 650 en drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor] pc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor] lr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor] panthor : [drm] *ERROR* no se pudo desasignar el rango ffffa388f000-ffffa3890000 (rango solicitado ffffa388c000-ffffa3890000)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.10\",\"versionEndExcluding\":\"6.11.10\",\"matchCriteriaId\":\"CBF353B6-8FA6-4F52-AEA3-56FB3CD25A79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DBE6C7-2AAE-4818-AED2-E131F153D2FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"24B88717-53F5-42AA-9B72-14C707639E3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EF8CD82-1EAE-4254-9545-F85AB94CF90F\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3387e043918e154ca08d83954966a8b087fe2835\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d3e61af64b770e0038470c81f42bd1d0598f6bcc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.