cve-2024-46870
Vulnerability from cvelistv5
Published
2024-10-09 14:02
Modified
2024-11-05 09:48
Severity ?
EPSS score ?
Summary
drm/amd/display: Disable DMCUB timeout for DCN35
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-46870",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T13:24:18.518601Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T13:24:32.448Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "31c254c9cd4b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
},
{
"lessThan": "7c70e60fbf4b",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"version": "6.10.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.11",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable DMCUB timeout for DCN35\n\n[Why]\nDMCUB can intermittently take longer than expected to process commands.\n\nOld ASIC policy was to continue while logging a diagnostic error - which\nworks fine for ASIC without IPS, but with IPS this could lead to a race\ncondition where we attempt to access DCN state while it\u0027s inaccessible,\nleading to a system hang when the NIU port is not disabled or register\naccesses that timeout and the display configuration in an undefined\nstate.\n\n[How]\nWe need to investigate why these accesses take longer than expected, but\nfor now we should disable the timeout on DCN35 to avoid this race\ncondition. Since the waits happen only at lower interrupt levels the\nrisk of taking too long at higher IRQ and causing a system watchdog\ntimeout are minimal."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T09:48:12.102Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/31c254c9cd4b122a10db297124f867107a696d83"
},
{
"url": "https://git.kernel.org/stable/c/7c70e60fbf4bff1123f0e8d5cb1ae71df6164d7f"
}
],
"title": "drm/amd/display: Disable DMCUB timeout for DCN35",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-46870",
"datePublished": "2024-10-09T14:02:51.705Z",
"dateReserved": "2024-09-11T15:12:18.295Z",
"dateUpdated": "2024-11-05T09:48:12.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-46870\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-10-09T14:15:07.463\",\"lastModified\":\"2024-10-23T14:26:28.690\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/amd/display: Disable DMCUB timeout for DCN35\\n\\n[Why]\\nDMCUB can intermittently take longer than expected to process commands.\\n\\nOld ASIC policy was to continue while logging a diagnostic error - which\\nworks fine for ASIC without IPS, but with IPS this could lead to a race\\ncondition where we attempt to access DCN state while it\u0027s inaccessible,\\nleading to a system hang when the NIU port is not disabled or register\\naccesses that timeout and the display configuration in an undefined\\nstate.\\n\\n[How]\\nWe need to investigate why these accesses take longer than expected, but\\nfor now we should disable the timeout on DCN35 to avoid this race\\ncondition. Since the waits happen only at lower interrupt levels the\\nrisk of taking too long at higher IRQ and causing a system watchdog\\ntimeout are minimal.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Deshabilitar el tiempo de espera de DMCUB para DCN35 [Por qu\u00e9] DMCUB puede tardar intermitentemente m\u00e1s de lo esperado en procesar comandos. La antigua pol\u00edtica de ASIC era continuar mientras se registra un error de diagn\u00f3stico, lo que funciona bien para ASIC sin IPS, pero con IPS esto podr\u00eda llevar a una condici\u00f3n de ejecuci\u00f3n donde intentamos acceder al estado de DCN mientras es inaccesible, lo que lleva a un bloqueo del sistema cuando el puerto NIU no est\u00e1 deshabilitado o los accesos de registro agotan ese tiempo de espera y la configuraci\u00f3n de pantalla en un estado indefinido. [C\u00f3mo] Necesitamos investigar por qu\u00e9 estos accesos tardan m\u00e1s de lo esperado, pero por ahora debemos deshabilitar el tiempo de espera en DCN35 para evitar esta condici\u00f3n de ejecuci\u00f3n. Dado que las esperas ocurren solo en niveles de interrupci\u00f3n m\u00e1s bajos, el riesgo de tomar demasiado tiempo en IRQ m\u00e1s alto y causar un tiempo de espera del perro guardi\u00e1n del sistema es m\u00ednimo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.10.9\",\"matchCriteriaId\":\"24175937-56EC-4F8D-B998-C00E8F09D4A8\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/31c254c9cd4b122a10db297124f867107a696d83\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7c70e60fbf4bff1123f0e8d5cb1ae71df6164d7f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.