CVE-2024-57888

In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM") amdgpu started seeing the following warning: [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu] ... [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched] ... [ ] Call Trace: [ ] <TASK> ... [ ] ? check_flush_dependency+0xf5/0x110 ... [ ] cancel_delayed_work_sync+0x6e/0x80 [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu] [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu] [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu] [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched] [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu] [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched] [ ] process_one_work+0x217/0x720 ... [ ] </TASK> The intent of the verifcation done in check_flush_depedency is to ensure forward progress during memory reclaim, by flagging cases when either a memory reclaim process, or a memory reclaim work item is flushed from a context not marked as memory reclaim safe. This is correct when flushing, but when called from the cancel(_delayed)_work_sync() paths it is a false positive because work is either already running, or will not be running at all. Therefore cancelling it is safe and we can relax the warning criteria by letting the helper know of the calling context. References: 746ae46c1113 ("drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM")

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1fd2a57dcb4de3cb40844a29c71b5d7b46a84334	Patch
https://git.kernel.org/stable/c/de35994ecd2dd6148ab5a6c5050a1670a04dec77	Patch
https://git.kernel.org/stable/c/ffb231471a407c96e114070bf828cd2378fdf431	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::

History

21 Oct 2025, 11:41

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/1fd2a57dcb4de3cb40844a29c71b5d7b46a84334 -~~	() https://git.kernel.org/stable/c/1fd2a57dcb4de3cb40844a29c71b5d7b46a84334 - Patch
References	~~() https://git.kernel.org/stable/c/de35994ecd2dd6148ab5a6c5050a1670a04dec77 -~~	() https://git.kernel.org/stable/c/de35994ecd2dd6148ab5a6c5050a1670a04dec77 - Patch
References	~~() https://git.kernel.org/stable/c/ffb231471a407c96e114070bf828cd2378fdf431 -~~	() https://git.kernel.org/stable/c/ffb231471a407c96e114070bf828cd2378fdf431 - Patch
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:o:linux:linux_kernel:6.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.13:rc5:::::: cpe:2.3:o:linux:linux_kernel::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel

17 Jan 2025, 14:15

Type	Values Removed	Values Added
References		() https://git.kernel.org/stable/c/1fd2a57dcb4de3cb40844a29c71b5d7b46a84334 -
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: workqueue: No advertir al cancelar el trabajo de WQ_MEM_RECLAIM del trabajador !WQ_MEM_RECLAIM Después de la confirmación 746ae46c1113 ("drm/sched: Marcar las colas de trabajo del programador con WQ_MEM_RECLAIM") amdgpu comenzó a ver la siguiente advertencia: [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu] ... [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched] ... [ ] Call Trace: [ ] ... [ ] ? check_flush_dependency+0xf5/0x110 ... [ ] cancel_delayed_work_sync+0x6e/0x80 [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu] [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu] [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu] [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched] [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu] [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched] [ ] process_one_work+0x217/0x720 ... [ ] La intención de la verificación realizada en check_flush_depedency es asegurar el progreso hacia adelante durante la recuperación de memoria, marcando los casos en los que un proceso de recuperación de memoria o un elemento de trabajo de recuperación de memoria se vacían de un contexto no marcado como seguro para la recuperación de memoria. Esto es correcto durante el vaciado, pero cuando se llama desde las rutas cancel(_delayed)_work_sync() es un falso positivo porque el trabajo ya se está ejecutando o no se ejecutará en absoluto. Por lo tanto, cancelarlo es seguro y podemos relajar los criterios de advertencia informando al asistente del contexto de llamada. Referencias: 746ae46c1113 ("drm/sched: Marcar las colas de trabajo del programador con WQ_MEM_RECLAIM")

15 Jan 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-15 13:15

Updated : 2025-10-21 11:41

NVD link : CVE-2024-57888

Mitre link : CVE-2024-57888

CVE.ORG link : CVE-2024-57888

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

5.5 /10