cve-2024-46709
Vulnerability from cvelistv5
Published
2024-09-13 06:33
Modified
2024-12-19 09:21
Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix prime with external buffers
Make sure that for external buffers mapping goes through the dma_buf
interface instead of trying to access pages directly.
External buffers might not provide direct access to readable/writable
pages so to make sure the bo's created from external dma_bufs can be
read dma_buf interface has to be used.
Fixes crashes in IGT's kms_prime with vgem. Regular desktop usage won't
trigger this due to the fact that virtual machines will not have
multiple GPUs but it enables better test coverage in IGT.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-29T15:00:04.048988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-29T15:00:18.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_blit.c",
"drivers/gpu/drm/vmwgfx/vmwgfx_drv.h",
"drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4",
"status": "affected",
"version": "65674218b43f2dd54587ab2b06560e17c30d8b41",
"versionType": "git"
},
{
"lessThan": "5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854",
"status": "affected",
"version": "b32233accefff1338806f064fb9b62cf5bc0609f",
"versionType": "git"
},
{
"lessThan": "50f1199250912568606b3778dc56646c10cb7b04",
"status": "affected",
"version": "b32233accefff1338806f064fb9b62cf5bc0609f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/vmwgfx/vmwgfx_blit.c",
"drivers/gpu/drm/vmwgfx/vmwgfx_drv.h",
"drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.9"
},
{
"lessThan": "6.9",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.49",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"version": "6.10.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.11",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix prime with external buffers\n\nMake sure that for external buffers mapping goes through the dma_buf\ninterface instead of trying to access pages directly.\n\nExternal buffers might not provide direct access to readable/writable\npages so to make sure the bo\u0027s created from external dma_bufs can be\nread dma_buf interface has to be used.\n\nFixes crashes in IGT\u0027s kms_prime with vgem. Regular desktop usage won\u0027t\ntrigger this due to the fact that virtual machines will not have\nmultiple GPUs but it enables better test coverage in IGT."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T09:21:26.671Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4"
},
{
"url": "https://git.kernel.org/stable/c/5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854"
},
{
"url": "https://git.kernel.org/stable/c/50f1199250912568606b3778dc56646c10cb7b04"
}
],
"title": "drm/vmwgfx: Fix prime with external buffers",
"x_generator": {
"engine": "bippy-5f407fcff5a0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-46709",
"datePublished": "2024-09-13T06:33:41.392Z",
"dateReserved": "2024-09-11T15:12:18.252Z",
"dateUpdated": "2024-12-19T09:21:26.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-46709\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-09-13T07:15:05.793\",\"lastModified\":\"2024-09-19T13:26:24.140\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/vmwgfx: Fix prime with external buffers\\n\\nMake sure that for external buffers mapping goes through the dma_buf\\ninterface instead of trying to access pages directly.\\n\\nExternal buffers might not provide direct access to readable/writable\\npages so to make sure the bo\u0027s created from external dma_bufs can be\\nread dma_buf interface has to be used.\\n\\nFixes crashes in IGT\u0027s kms_prime with vgem. Regular desktop usage won\u0027t\\ntrigger this due to the fact that virtual machines will not have\\nmultiple GPUs but it enables better test coverage in IGT.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/vmwgfx: Corrige prime con b\u00faferes externos Aseg\u00farate de que el mapeo de b\u00faferes externos pase por la interfaz dma_buf en lugar de intentar acceder a las p\u00e1ginas directamente. Los b\u00faferes externos podr\u00edan no proporcionar acceso directo a p\u00e1ginas legibles/escribibles, as\u00ed que para asegurarse de que los bo creados a partir de dma_bufs externos puedan leerse, se debe usar la interfaz dma_buf. Corrige fallas en kms_prime de IGT con vgem. El uso regular del escritorio no activar\u00e1 esto debido al hecho de que las m\u00e1quinas virtuales no tendr\u00e1n m\u00faltiples GPU, pero permite una mejor cobertura de pruebas en IGT.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6.29\",\"versionEndExcluding\":\"6.6.49\",\"matchCriteriaId\":\"D4F9B48B-A93A-4A89-852A-89E7C17CC905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.8.8\",\"versionEndExcluding\":\"6.9\",\"matchCriteriaId\":\"5816FBD4-3F69-480D-B4E4-8F653576EDEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.9\",\"versionEndExcluding\":\"6.10.8\",\"matchCriteriaId\":\"0BCC4AEF-4876-4CFA-B9D6-F98855E75E74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3CE743-2126-47A3-8B7C-822B502CF119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DEB27E7-30AA-45CC-8934-B89263EF3551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0005AEF-856E-47EB-BFE4-90C46899394D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"39889A68-6D34-47A6-82FC-CD0BF23D6754\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8383ABF-1457-401F-9B61-EE50F4C61F4F\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/50f1199250912568606b3778dc56646c10cb7b04\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.