CVE-2024-42146

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-42146
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf Any kunit doing any memory access should get their own runtime_pm outer references since they don't use the standard driver API entries. In special this dma_buf from the same driver. Found by pre-merge CI on adding WARN calls for unprotected inner callers: <6> [318.639739] # xe_dma_buf_kunit: running xe_test_dmabuf_import_same_driver <4> [318.639957] ------------[ cut here ]------------ <4> [318.639967] xe 0000:4d:00.0: Missing outer runtime PM protection <4> [318.640049] WARNING: CPU: 117 PID: 3832 at drivers/gpu/drm/xe/xe_pm.c:533 xe_pm_runtime_get_noresume+0x48/0x60 [xe]
CVSS

No CVSS.

References
Link Resource
https://git.kernel.org/stable/c/0888d15ea45ba8ef4508edd1123ea5ad95b58994
https://git.kernel.org/stable/c/f9116f658a6217b101e3b4e89f845775b6fb05d9
Configurations

No configuration.

History

30 Jul 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: agregue protección runtime_pm externa a xe_live_ktest@xe_dma_buf. Cualquier kunit que acceda a la memoria debe obtener sus propias referencias externas runtime_pm ya que no usan las entradas API del controlador estándar. En especial este dma_buf del mismo controlador. Encontrado por CI previo a la fusión al agregar llamadas WARN para llamadores internos desprotegidos: &lt;6&gt; [318.639739] # xe_dma_buf_kunit: ejecutando xe_test_dmabuf_import_same_driver &lt;4&gt; [318.639957] ------------[ cortar aquí ]-- ---------- &lt;4&gt; [318.639967] xe 0000:4d:00.0: Falta protección PM de tiempo de ejecución externo &lt;4&gt; [318.640049] ADVERTENCIA: CPU: 117 PID: 3832 en drivers/gpu/drm/xe /xe_pm.c:533 xe_pm_runtime_get_noresume+0x48/0x60 [xe]

30 Jul 2024, 08:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-30 08:15

Updated : 2024-07-30 13:32

NVD link : CVE-2024-42146

Mitre link : CVE-2024-42146

CVE.ORG link : CVE-2024-42146

JSON object : View

Products Affected

No product.

CWE

No CWE.