cve-2024-41011
Vulnerability from cvelistv5
Published
2024-07-18 07:04
Modified
2024-12-19 09:10
Severity ?
EPSS score ?
Summary
drm/amdkfd: don't allow mapping the MMIO HDP page with large pages
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:39:56.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/89fffbdf535ce659c1a26b51ad62070566e33b28"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b4cff994a27ebf7bd3fb9a798a1cdfa8d01b724"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6186c93560889265bfe0914609c274eff40bbeb5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be4a2a81b6b90d1a47eaeaace4cc8e2cb57b96c7"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:25:05.897243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:06.529Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdkfd/kfd_chardev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "009c4d78bcf07c4ac2e3dd9f275b4eaa72b4f884",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
},
{
"lessThan": "f7276cdc1912325b64c33fcb1361952c06e55f63",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
},
{
"lessThan": "8ad4838040e5515939c071a0f511ce2661a0889d",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
},
{
"lessThan": "89fffbdf535ce659c1a26b51ad62070566e33b28",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
},
{
"lessThan": "4b4cff994a27ebf7bd3fb9a798a1cdfa8d01b724",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
},
{
"lessThan": "6186c93560889265bfe0914609c274eff40bbeb5",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
},
{
"lessThan": "be4a2a81b6b90d1a47eaeaace4cc8e2cb57b96c7",
"status": "affected",
"version": "d8e408a82704c86ba87c3d58cfe69dcdb758aa07",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/amd/amdkfd/kfd_chardev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.3"
},
{
"lessThan": "5.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.283",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.225",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.166",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.91",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.31",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"version": "6.8.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.9",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: don\u0027t allow mapping the MMIO HDP page with large pages\n\nWe don\u0027t get the right offset in that case. The GPU has\nan unused 4K area of the register BAR space into which you can\nremap registers. We remap the HDP flush registers into this\nspace to allow userspace (CPU or GPU) to flush the HDP when it\nupdates VRAM. However, on systems with \u003e4K pages, we end up\nexposing PAGE_SIZE of MMIO space."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T09:10:01.256Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/009c4d78bcf07c4ac2e3dd9f275b4eaa72b4f884"
},
{
"url": "https://git.kernel.org/stable/c/f7276cdc1912325b64c33fcb1361952c06e55f63"
},
{
"url": "https://git.kernel.org/stable/c/8ad4838040e5515939c071a0f511ce2661a0889d"
},
{
"url": "https://git.kernel.org/stable/c/89fffbdf535ce659c1a26b51ad62070566e33b28"
},
{
"url": "https://git.kernel.org/stable/c/4b4cff994a27ebf7bd3fb9a798a1cdfa8d01b724"
},
{
"url": "https://git.kernel.org/stable/c/6186c93560889265bfe0914609c274eff40bbeb5"
},
{
"url": "https://git.kernel.org/stable/c/be4a2a81b6b90d1a47eaeaace4cc8e2cb57b96c7"
}
],
"title": "drm/amdkfd: don\u0027t allow mapping the MMIO HDP page with large pages",
"x_generator": {
"engine": "bippy-5f407fcff5a0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-41011",
"datePublished": "2024-07-18T07:04:04.823Z",
"dateReserved": "2024-07-12T12:17:45.610Z",
"dateUpdated": "2024-12-19T09:10:01.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-41011\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-07-18T07:15:02.070\",\"lastModified\":\"2024-09-06T13:19:10.197\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/amdkfd: don\u0027t allow mapping the MMIO HDP page with large pages\\n\\nWe don\u0027t get the right offset in that case. The GPU has\\nan unused 4K area of the register BAR space into which you can\\nremap registers. We remap the HDP flush registers into this\\nspace to allow userspace (CPU or GPU) to flush the HDP when it\\nupdates VRAM. However, on systems with \u003e4K pages, we end up\\nexposing PAGE_SIZE of MMIO space.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdkfd: no permite mapear la p\u00e1gina MMIO HDP con p\u00e1ginas grandes. En ese caso, no obtenemos el desplazamiento correcto. La GPU tiene un \u00e1rea 4K no utilizada del espacio BAR de registros en el que puede reasignar registros. Reasignamos los registros de descarga del HDP en este espacio para permitir que el espacio de usuario (CPU o GPU) vac\u00ede el HDP cuando actualice la VRAM. Sin embargo, en sistemas con p\u00e1ginas \u0026gt;4K, terminamos exponiendo PAGE_SIZE del espacio MMIO.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-682\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3\",\"versionEndExcluding\":\"5.4.283\",\"matchCriteriaId\":\"D05066F4-CEBB-4CD3-8523-D54F9FE7F513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.225\",\"matchCriteriaId\":\"C57B46A9-B105-4792-8481-1870DEFB436A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.166\",\"matchCriteriaId\":\"913ED6CD-8ACF-48AF-AA18-7880881DD402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.91\",\"matchCriteriaId\":\"4F8C886C-75AA-469B-A6A9-12BF1A29C0D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.8.10\",\"matchCriteriaId\":\"6A6B920C-8D8F-4130-86B4-AD334F4CF2E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"22BEDD49-2C6D-402D-9DBF-6646F6ECD10B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"52048DDA-FC5A-4363-95A0-A6357B4D7F8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06B2CCF-3F43-4FA9-8773-C83C3F5764B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F850DCEC-E08B-4317-A33B-D2DCF39F601B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"91326417-E981-482E-A5A3-28BC1327521B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAECDCD8-F556-4606-8D7B-5C6D47A501F2\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/009c4d78bcf07c4ac2e3dd9f275b4eaa72b4f884\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4b4cff994a27ebf7bd3fb9a798a1cdfa8d01b724\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6186c93560889265bfe0914609c274eff40bbeb5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/89fffbdf535ce659c1a26b51ad62070566e33b28\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8ad4838040e5515939c071a0f511ce2661a0889d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/be4a2a81b6b90d1a47eaeaace4cc8e2cb57b96c7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f7276cdc1912325b64c33fcb1361952c06e55f63\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.