Informazioni sul CVE-2024-41094
drm/fbdev-dma: Only set smem_start is enable per module option
CWE ID: N/A
Base Score (CVSS): N/A
CVE: CVE-2024-41094
Descrizione: In the Linux kernel, a vulnerability has been resolved concerning the `drm/fbdev-dma` module. Specifically, the `smem_start` setting is now enabled only when required by the user and the memory is not sourced from vmalloc. This breaks systems where DMA memory is backed by vmalloc addresses. An example error is shown below: [ 3.536043] ————[ cut here ]———— [ 3.540716] virt_to_phys used for non-linear address: 000000007fc4f540 (0xffff800086001000) [ 3.552628] WARNING: CPU: 4 PID: 61 at arch/arm64/mm/physaddr.c:12 __virt_to_phys+0x68/0x98 [ 3.565455] Modules linked in: [ 3.568525] CPU: 4 PID: 61 Comm: kworker/u12:5 Not tainted 6.6.23-06226-g4986cc3e1b75-dirty #250 [ 3.577310] Hardware name: NXP i.MX95 19X19 board (DT) [ 3.582452] Workqueue: events_unbound deferred_probe_work_func [ 3.588291] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=–) [ 3.595233] pc : __virt_to_phys+0x68/0x98 [ 3.599246] lr : __virt_to_phys+0x68/0x98 [ 3.603276] sp : ffff800083603990 [ 3.677939] Call trace: [ 3.680393] __virt_to_phys+0x68/0x98 [ 3.684067] drm_fbdev_dma_helper_fb_probe+0x138/0x238 [ 3.689214] __drm_fb_helper_initial_config_and_unlock+0x2b0/0x4c0 [ 3.695385] drm_fb_helper_initial_config+0x4c/0x68 [ 3.677939] drm_fbdev_dma_client_hotplug+0x8c/0xe0 [ 3.700264] drm_client_register+0x60/0xb0 [ 3.705161] drm_fbdev_dma_setup+0x94/0x148 Additionally, DMA memory is assumed to be contiguous in physical address space, which is not guaranteed by vmalloc(). Resolve this by checking the module flag drm_leak_fbdev_smem when DRM allocated the instance of struct fb_info. Fbdev-dma then only sets smem_start only if required (via FBINFO_HIDE_SMEM_START). Also guarantee that the framebuffer is not located in vmalloc address space.”
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- https://git.kernel.org/stable/c/f29fcfbf6067c0d8c83f84a045da9276c08deac5
- https://git.kernel.org/stable/c/00702cfa8432ac67a72f56de5e1d278ddea2ebde
- https://git.kernel.org/stable/c/d92a7580392ad4681b1d4f9275d00b95375ebe01
Prodotti interessati
- Linux – Linux
- Linux – Linux
Relazioni con altri prodotti
Produttore:Linux
Prodotto: Linux
Anno: 2024
CWE:
CVSS: 0.0