CVE-2024-47729

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use reserved copy engine for user binds on faulting devices User binds map to engines with can fault, faults depend on user binds completion, thus we can deadlock. Avoid this by using reserved copy engine for user binds on faulting devices. While we are here, normalize bind queue creation with a helper. v2: - Pass in extensions to bind queue creation (CI) v3: - s/resevered/reserved (Lucas) - Fix NULL hwe check (Jonathan)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/439fc1e569c57669dbb842d0a77c7ba0a82a9f5d	Patch
https://git.kernel.org/stable/c/852856e3b6f679c694dd5ec41e5a3c11aa46640b	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-10-21 13:15

Updated : 2024-10-23 20:40

NVD link : CVE-2024-47729

Mitre link : CVE-2024-47729

CVE.ORG link : CVE-2024-47729

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-47729", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-10-21T13:15:03.070", "references": [{"url": "https://git.kernel.org/stable/c/439fc1e569c57669dbb842d0a77c7ba0a82a9f5d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/852856e3b6f679c694dd5ec41e5a3c11aa46640b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use reserved copy engine for user binds on faulting devices\n\nUser binds map to engines with can fault, faults depend on user binds\ncompletion, thus we can deadlock. Avoid this by using reserved copy\nengine for user binds on faulting devices.\n\nWhile we are here, normalize bind queue creation with a helper.\n\nv2:\n - Pass in extensions to bind queue creation (CI)\nv3:\n - s/resevered/reserved (Lucas)\n - Fix NULL hwe check (Jonathan)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Utilizar un motor de copia reservada para los enlaces de usuario en dispositivos con fallos Los enlaces de usuario se asignan a motores con fallos, los fallos dependen de que se completen los enlaces de usuario, por lo que podemos bloquear. Evite esto utilizando un motor de copia reservada para los enlaces de usuario en dispositivos con fallos. Mientras estamos aqu\u00ed, normalice la creaci\u00f3n de colas de enlaces con un asistente. v2: - Pasar extensiones para la creaci\u00f3n de colas de enlaces (CI) v3: - s/resevered/reserved (Lucas) - Reparar la comprobaci\u00f3n de hwe NULL (Jonathan)"}], "lastModified": "2024-10-23T20:40:24.640", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3802D3DC-264E-4BC3-8F30-4574E03388B8", "versionEndExcluding": "6.11.2", "versionStartIncluding": "6.8"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}