GHSA-WW8P-33XG-GVHC

Vulnerability from github – Published: 2024-05-14 15:32 – Updated: 2024-06-10 18:30
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2

This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that after the move the old location is simply not available any more.

Some fixes were suggested, but essentially we should call the move notification before actually moving things because only this way we have the correct order for DMA-buf and VM move notifications as well.

Also rework the statistic handling so that we don't update the eviction counter before the move.

v2: add missing NULL check

Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-27400"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-14T15:12:29Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\n\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\n\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\n\nAlso rework the statistic handling so that we don\u0027t update the eviction\ncounter before the move.\n\nv2: add missing NULL check",
  "id": "GHSA-ww8p-33xg-gvhc",
  "modified": "2024-06-10T18:30:58Z",
  "published": "2024-05-14T15:32:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27400"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.