fkie_cve-2024-57921
Vulnerability from fkie_nvd
Published
2025-01-19 12:15
Modified
2025-09-26 19:49
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add a lock when accessing the buddy trim function When running YouTube videos and Steam games simultaneously, the tester found a system hang / race condition issue with the multi-display configuration setting. Adding a lock to the buddy allocator's trim function would be the solution. <log snip> [ 7197.250436] general protection fault, probably for non-canonical address 0xdead000000000108 [ 7197.250447] RIP: 0010:__alloc_range+0x8b/0x340 [amddrm_buddy] [ 7197.250470] Call Trace: [ 7197.250472] <TASK> [ 7197.250475] ? show_regs+0x6d/0x80 [ 7197.250481] ? die_addr+0x37/0xa0 [ 7197.250483] ? exc_general_protection+0x1db/0x480 [ 7197.250488] ? drm_suballoc_new+0x13c/0x93d [drm_suballoc_helper] [ 7197.250493] ? asm_exc_general_protection+0x27/0x30 [ 7197.250498] ? __alloc_range+0x8b/0x340 [amddrm_buddy] [ 7197.250501] ? __alloc_range+0x109/0x340 [amddrm_buddy] [ 7197.250506] amddrm_buddy_block_trim+0x1b5/0x260 [amddrm_buddy] [ 7197.250511] amdgpu_vram_mgr_new+0x4f5/0x590 [amdgpu] [ 7197.250682] amdttm_resource_alloc+0x46/0xb0 [amdttm] [ 7197.250689] ttm_bo_alloc_resource+0xe4/0x370 [amdttm] [ 7197.250696] amdttm_bo_validate+0x9d/0x180 [amdttm] [ 7197.250701] amdgpu_bo_pin+0x15a/0x2f0 [amdgpu] [ 7197.250831] amdgpu_dm_plane_helper_prepare_fb+0xb2/0x360 [amdgpu] [ 7197.251025] ? try_wait_for_completion+0x59/0x70 [ 7197.251030] drm_atomic_helper_prepare_planes.part.0+0x2f/0x1e0 [ 7197.251035] drm_atomic_helper_prepare_planes+0x5d/0x70 [ 7197.251037] drm_atomic_helper_commit+0x84/0x160 [ 7197.251040] drm_atomic_nonblocking_commit+0x59/0x70 [ 7197.251043] drm_mode_atomic_ioctl+0x720/0x850 [ 7197.251047] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 7197.251049] drm_ioctl_kernel+0xb9/0x120 [ 7197.251053] ? srso_alias_return_thunk+0x5/0xfbef5 [ 7197.251056] drm_ioctl+0x2d4/0x550 [ 7197.251058] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 7197.251063] amdgpu_drm_ioctl+0x4e/0x90 [amdgpu] [ 7197.251186] __x64_sys_ioctl+0xa0/0xf0 [ 7197.251190] x64_sys_call+0x143b/0x25c0 [ 7197.251193] do_syscall_64+0x7f/0x180 [ 7197.251197] ? srso_alias_return_thunk+0x5/0xfbef5 [ 7197.251199] ? amdgpu_display_user_framebuffer_create+0x215/0x320 [amdgpu] [ 7197.251329] ? drm_internal_framebuffer_create+0xb7/0x1a0 [ 7197.251332] ? srso_alias_return_thunk+0x5/0xfbef5 (cherry picked from commit 3318ba94e56b9183d0304577c74b33b6b01ce516)
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/758e3c3054b65336cf0c5f240221f63b4fb98478Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/75c8b703e5bded1e33b08fb09b829e7c2c1ed50aPatch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel 6.11
linux linux_kernel 6.11
linux linux_kernel 6.11
linux linux_kernel 6.11
linux linux_kernel 6.11
linux linux_kernel 6.11
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13
linux linux_kernel 6.13


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C2507AA-E39E-4945-B4A0-392EBB6E8163",
              "versionEndExcluding": "6.12.10",
              "versionStartIncluding": "6.11.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:-:*:*:*:*:*:*",
              "matchCriteriaId": "4770BA57-3F3F-493B-8608-EC3B25254949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "B77A9280-37E6-49AD-B559-5B23A3B1DC3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "DE5298B3-04B4-4F3E-B186-01A58B5C75A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Add a lock when accessing the buddy trim function\n\nWhen running YouTube videos and Steam games simultaneously,\nthe tester found a system hang / race condition issue with\nthe multi-display configuration setting. Adding a lock to\nthe buddy allocator\u0027s trim function would be the solution.\n\n\u003clog snip\u003e\n[ 7197.250436] general protection fault, probably for non-canonical address 0xdead000000000108\n[ 7197.250447] RIP: 0010:__alloc_range+0x8b/0x340 [amddrm_buddy]\n[ 7197.250470] Call Trace:\n[ 7197.250472]  \u003cTASK\u003e\n[ 7197.250475]  ? show_regs+0x6d/0x80\n[ 7197.250481]  ? die_addr+0x37/0xa0\n[ 7197.250483]  ? exc_general_protection+0x1db/0x480\n[ 7197.250488]  ? drm_suballoc_new+0x13c/0x93d [drm_suballoc_helper]\n[ 7197.250493]  ? asm_exc_general_protection+0x27/0x30\n[ 7197.250498]  ? __alloc_range+0x8b/0x340 [amddrm_buddy]\n[ 7197.250501]  ? __alloc_range+0x109/0x340 [amddrm_buddy]\n[ 7197.250506]  amddrm_buddy_block_trim+0x1b5/0x260 [amddrm_buddy]\n[ 7197.250511]  amdgpu_vram_mgr_new+0x4f5/0x590 [amdgpu]\n[ 7197.250682]  amdttm_resource_alloc+0x46/0xb0 [amdttm]\n[ 7197.250689]  ttm_bo_alloc_resource+0xe4/0x370 [amdttm]\n[ 7197.250696]  amdttm_bo_validate+0x9d/0x180 [amdttm]\n[ 7197.250701]  amdgpu_bo_pin+0x15a/0x2f0 [amdgpu]\n[ 7197.250831]  amdgpu_dm_plane_helper_prepare_fb+0xb2/0x360 [amdgpu]\n[ 7197.251025]  ? try_wait_for_completion+0x59/0x70\n[ 7197.251030]  drm_atomic_helper_prepare_planes.part.0+0x2f/0x1e0\n[ 7197.251035]  drm_atomic_helper_prepare_planes+0x5d/0x70\n[ 7197.251037]  drm_atomic_helper_commit+0x84/0x160\n[ 7197.251040]  drm_atomic_nonblocking_commit+0x59/0x70\n[ 7197.251043]  drm_mode_atomic_ioctl+0x720/0x850\n[ 7197.251047]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n[ 7197.251049]  drm_ioctl_kernel+0xb9/0x120\n[ 7197.251053]  ? srso_alias_return_thunk+0x5/0xfbef5\n[ 7197.251056]  drm_ioctl+0x2d4/0x550\n[ 7197.251058]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n[ 7197.251063]  amdgpu_drm_ioctl+0x4e/0x90 [amdgpu]\n[ 7197.251186]  __x64_sys_ioctl+0xa0/0xf0\n[ 7197.251190]  x64_sys_call+0x143b/0x25c0\n[ 7197.251193]  do_syscall_64+0x7f/0x180\n[ 7197.251197]  ? srso_alias_return_thunk+0x5/0xfbef5\n[ 7197.251199]  ? amdgpu_display_user_framebuffer_create+0x215/0x320 [amdgpu]\n[ 7197.251329]  ? drm_internal_framebuffer_create+0xb7/0x1a0\n[ 7197.251332]  ? srso_alias_return_thunk+0x5/0xfbef5\n\n(cherry picked from commit 3318ba94e56b9183d0304577c74b33b6b01ce516)"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: Agregar un bloqueo al acceder a la funci\u00f3n de recorte del compa\u00f1ero Al ejecutar videos de YouTube y juegos de Steam simult\u00e1neamente, el evaluador encontr\u00f3 un problema de condici\u00f3n de ejecuci\u00f3n/bloqueo del sistema con la configuraci\u00f3n de m\u00faltiples pantallas. Agregar un bloqueo a la funci\u00f3n de recorte del asignador de compa\u00f1eros ser\u00eda la soluci\u00f3n.  [ 7197.250436] error de protecci\u00f3n general, probablemente para la direcci\u00f3n no can\u00f3nica 0xdead000000000108 [ 7197.250447] RIP: 0010:__alloc_range+0x8b/0x340 [amddrm_buddy] [ 7197.250470] Seguimiento de llamadas: [ 7197.250472]  [ 7197.250475] ? asm_exc_general_protection+0x27/0x30 [7197.250498] ? __alloc_range+0x8b/0x340 [amddrm_buddy] [7197.250501] ? __alloc_range+0x109/0x340 [amddrm_buddy] [ 7197.250506] amddrm_buddy_block_trim+0x1b5/0x260 [amddrm_buddy] [ 7197.250511] amdgpu_vram_mgr_new+0x4f5/0x590 [amdgpu] [ 7197.250682] amdttm_resource_alloc+0x46/0xb0 [amdttm] [ 7197.250689] ttm_bo_alloc_resource+0xe4/0x370 [amdttm] [ 7197.250696] amdttm_bo_validate+0x9d/0x180 [amdttm] [ [7197.250701] amdgpu_bo_pin+0x15a/0x2f0 [amdgpu] [ 7197.250831] amdgpu_dm_plane_helper_prepare_fb+0xb2/0x360 [amdgpu] [ 7197.251025] ? drm_atomic_helper_prepare_planes.part.0+0x2f/0x1e0 [ 7197.251035] drm_atomic_helper_prepare_planes+0x5d/0x70 [ 7197.251037] drm_atomic_helper_commit+0x84/0x160 [ 7197.251040] drm_atomic_nonblocking_commit+0x59/0x70 [ 7197.251043] drm_mode_atomic_ioctl+0x720/0x850 [ 7197.251047] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 7197.251049] drm_ioctl_kernel+0xb9/0x120 [ 7197.251053] ? srso_alias_return_thunk+0x5/0xfbef5 [ 7197.251056] drm_ioctl+0x2d4/0x550 [ 7197.251058] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [ 7197.251063] amdgpu_drm_ioctl+0x4e/0x90 [ amdgpu] [ 7197.251186] __x64_sys_ioctl+0xa0/0xf0 [ 7197.251190] x64_sys_call+0x143b/0x25c0 [ 7197.251193] do_syscall_64+0x7f/0x180 [ 7197.251197] ? srso_alias_return_thunk+0x5/0xfbef5 [ 7197.251199] ? amdgpu_display_user_framebuffer_create+0x215/0x320 [amdgpu] [ 7197.251329] ? drm_internal_framebuffer_create+0xb7/0x1a0 [ 7197.251332] ? srso_alias_return_thunk+0x5/0xfbef5 (seleccionado de el commit 3318ba94e56b9183d0304577c74b33b6b01ce516)"
    }
  ],
  "id": "CVE-2024-57921",
  "lastModified": "2025-09-26T19:49:07.367",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-19T12:15:26.247",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/758e3c3054b65336cf0c5f240221f63b4fb98478"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/75c8b703e5bded1e33b08fb09b829e7c2c1ed50a"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.