FKIE_CVE-2024-37026

Vulnerability from fkie_nvd - Published: 2024-06-24 14:15 - Updated: 2025-10-03 15:08
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines with user jobs. This can deadlock as the migrate exec queue is required to service page faults. Avoid deadlock by only using reserved BCS instances for usm migrate exec queue. (cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15cPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0cPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15cPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0cPatch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel 6.10
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02BBA32B-4F0B-43D9-BA15-A273D6A896D5",
              "versionEndExcluding": "6.9.4",
              "versionStartIncluding": "6.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Only use reserved BCS instances for usm migrate exec queue\n\nThe GuC context scheduling queue is 2 entires deep, thus it is possible\nfor a migration job to be stuck behind a fault if migration exec queue\nshares engines with user jobs. This can deadlock as the migrate exec\nqueue is required to service page faults. Avoid deadlock by only using\nreserved BCS instances for usm migrate exec queue.\n\n(cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: solo use instancias BCS reservadas para la cola ejecutiva de migraci\u00f3n de usm. La cola de programaci\u00f3n de contexto GuC tiene 2 enteros de profundidad, por lo tanto, es posible que un trabajo de migraci\u00f3n quede atascado detr\u00e1s de una falla si la cola ejecutiva de migraci\u00f3n comparte motores con los trabajos de los usuarios. Esto puede bloquearse ya que se requiere la cola de ejecuci\u00f3n de migraci\u00f3n para solucionar los errores de la p\u00e1gina. Evite el punto muerto utilizando \u00fanicamente instancias BCS reservadas para la cola ejecutiva de migraci\u00f3n de usm. (cereza escogida del commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)"
    }
  ],
  "id": "CVE-2024-37026",
  "lastModified": "2025-10-03T15:08:31.047",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-24T14:15:12.307",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.