CVE-2024-57844

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix fault on fd close after unbind If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drm_dev_enter()/drm_dev_exit(). This fixes the following page fault: <6> [IGT] xe_wedged: exiting, ret=98 <1> BUG: unable to handle page fault for address: ffffc901bc5e508c <1> #PF: supervisor read access in kernel mode <1> #PF: error_code(0x0000) - not-present page ... <4> xe_lrc_update_timestamp+0x1c/0xd0 [xe] <4> xe_exec_queue_update_run_ticks+0x50/0xb0 [xe] <4> xe_exec_queue_fini+0x16/0xb0 [xe] <4> __guc_exec_queue_fini_async+0xc4/0x190 [xe] <4> guc_exec_queue_fini_async+0xa0/0xe0 [xe] <4> guc_exec_queue_fini+0x23/0x40 [xe] <4> xe_exec_queue_destroy+0xb3/0xf0 [xe] <4> xe_file_close+0xd4/0x1a0 [xe] <4> drm_file_free+0x210/0x280 [drm] <4> drm_close_helper.isra.0+0x6d/0x80 [drm] <4> drm_release_noglobal+0x20/0x90 [drm] (cherry picked from commit 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/924d43bd10a1f6723ac5181a6e6cc2196ba98cdd	Patch
https://git.kernel.org/stable/c/fe39b222a4139354d32ff9d46b88757f63f71d63	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:-::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc7::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.13:rc5::::::

History

No history.

Information

Published : 2025-01-15 13:15

Updated : 2025-10-17 17:17

NVD link : CVE-2024-57844

Mitre link : CVE-2024-57844

CVE.ORG link : CVE-2024-57844

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-57844", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-01-15T13:15:12.277", "references": [{"url": "https://git.kernel.org/stable/c/924d43bd10a1f6723ac5181a6e6cc2196ba98cdd", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fe39b222a4139354d32ff9d46b88757f63f71d63", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix fault on fd close after unbind\n\nIf userspace holds an fd open, unbinds the device and then closes it,\nthe driver shouldn't try to access the hardware. Protect it by using\ndrm_dev_enter()/drm_dev_exit(). This fixes the following page fault:\n\n<6> [IGT] xe_wedged: exiting, ret=98\n<1> BUG: unable to handle page fault for address: ffffc901bc5e508c\n<1> #PF: supervisor read access in kernel mode\n<1> #PF: error_code(0x0000) - not-present page\n...\n<4> xe_lrc_update_timestamp+0x1c/0xd0 [xe]\n<4> xe_exec_queue_update_run_ticks+0x50/0xb0 [xe]\n<4> xe_exec_queue_fini+0x16/0xb0 [xe]\n<4> __guc_exec_queue_fini_async+0xc4/0x190 [xe]\n<4> guc_exec_queue_fini_async+0xa0/0xe0 [xe]\n<4> guc_exec_queue_fini+0x23/0x40 [xe]\n<4> xe_exec_queue_destroy+0xb3/0xf0 [xe]\n<4> xe_file_close+0xd4/0x1a0 [xe]\n<4> drm_file_free+0x210/0x280 [drm]\n<4> drm_close_helper.isra.0+0x6d/0x80 [drm]\n<4> drm_release_noglobal+0x20/0x90 [drm]\n\n(cherry picked from commit 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Se corrige un error en el cierre de fd despu\u00e9s de desvincular Si el espacio de usuario mantiene abierto un fd, desvincula el dispositivo y luego lo cierra, el controlador no deber\u00eda intentar acceder al hardware. Prot\u00e9jalo usando drm_dev_enter()/drm_dev_exit(). Esto corrige el siguiente error de p\u00e1gina: <6> [IGT] xe_wedged: saliendo, ret=98 <1> ERROR: no se puede gestionar el error de p\u00e1gina para la direcci\u00f3n: ffffc901bc5e508c <1> #PF: acceso de lectura del supervisor en modo kernel <1> #PF: error_code(0x0000) - not-present page ... <4> xe_lrc_update_timestamp+0x1c/0xd0 [xe] <4> xe_exec_queue_update_run_ticks+0x50/0xb0 [xe] <4> xe_exec_queue_fini+0x16/0xb0 [xe] <4> __guc_exec_queue_fini_async+0xc4/0x190 [xe] <4> guc_exec_queue_fini_async+0xa0/0xe0 [xe] <4> guc_exec_queue_fini+0x23/0x40 [xe] <4> xe_exec_queue_destroy+0xb3/0xf0 [xe] <4> xe_file_close+0xd4/0x1a0 [xe] <4> drm_file_free+0x210/0x280 [drm] <4> drm_close_helper.isra.0+0x6d/0x80 [drm] <4> drm_release_noglobal+0x20/0x90 [drm] (seleccionado de el commit 4ca1fd418338d4d135428a0eb1e16e3b3ce17ee8)"}], "lastModified": "2025-10-17T17:17:06.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51AF98D0-F3AA-4960-8230-B6DE6A952104", "versionEndExcluding": "6.12.9", "versionStartIncluding": "6.12.1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E698080-7669-4132-8817-4C674EEBCE54"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EF8CD82-1EAE-4254-9545-F85AB94CF90F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE491969-75AE-4A6B-9A58-8FC5AF98798F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93C0660D-7FB8-4FBA-892A-B064BA71E49E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "034C36A6-C481-41F3-AE9A-D116E5BE6895"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}