Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel prior to version 6.4.12, which stems from a post-release reuse vulnerability in amdgpucswaitallfences in...

CVE-2023-51042

CVE-2023-51042 affects the Linux kernel up to 6.4.12 where amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c may dereference a freed fence (use-after-free). The issue is fixed in ChangeLog-6.4.12; Astra Linux bulletin also notes the same vulnerability. Impact details and remedia...

CVE-2023-51042

In the Linux kernel before 6.4.12, amdgpucswaitallfences in drivers/gpu/drm/amd/amdgpu/amdgpucs.c has a fence use-after-free...

PT-2024-3462

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the function amdgpu mca smu get mca entry in the Linux kernel, where the variable mca funcs is dereferenced before a NULL check. This can lead to a denial of...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.325.5.el8 - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext Krister Johansen Orabug: 35905508 - char: misc: Increase the maximum number of dynamic misc devices to 1048448 D Scott Phillips Orabug: 35905508 - perf/arm-cmn: Fix invalid pointer when access...

kernel: drm/amdgpu: Fix size validation for non-exclusive domains (v4)

A NULL pointer dereference flaw was found in the Linux kernel's AMD GPU driver in the buffer object size validation logic. A local user on systems with AMD graphics hardware can trigger this issue by requesting memory allocation in non-exclusive domains when the Translation Table Manager domain...

kernel: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

kernel: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()

An array underflow vulnerability was found in the Linux kernel's AMD GPU power management driver. In vega20odneditdpmtable, the inputindex variable is validated to be at most 2 but is not checked for negative values. Since this value is user-controlled via sysfs, a user can provide a negative val...

kernel: Linux kernel: Resource exhaustion in amdgpu due to PCI device reference count leak

A flaw was found in the Linux kernel's drm/amdgpu component. A missing call to pcidevput in the amdgpuatrmgetbios function leads to a PCI device reference count leak. A local attacker could exploit this to cause resource exhaustion, potentially resulting in a Denial of Service DoS...

kernel: drm/amdgpu/powerplay/psm: Fix memory leak in power state init

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 "drm/amdgpu/powerplay/psm: return an error in power state init" made the power state init function return early in case of failure to get an entry...

kernel: Linux kernel: Denial of Service due to PCI device reference count leak

A flaw was found in the Linux kernel. A local low-privileged user could exploit a reference count leak in the drm/amdgpu component. This vulnerability, related to how PCI Peripheral Component Interconnect devices are managed, could lead to a Denial of Service DoS by exhausting system resources...

kernel: drm/amdgpu: Fix size validation for non-exclusive domains (v4)

A NULL pointer dereference flaw was found in the Linux kernel's AMD GPU driver in the buffer object size validation logic. A local user on systems with AMD graphics hardware can trigger this issue by requesting memory allocation in non-exclusive domains when the Translation Table Manager domain...

kernel: drm/amdkfd: Fix kernel warning during topology setup

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by correctly initializing the p2plink attr before creating the sysfs file: +0.002865 ------------ cut here...

kernel: null pointer when load rlc firmware

A vulnerability was found in the drm/amdgpu driver of Linux Kernel, causing null pointer dereference when attempting to load RLC Run-Length Coding firmware. This issue arises if the firmware has an incorrect header size, causing premature release of the firmware pointer in amdgpuucoderequest,...

kernel: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed when shutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the...

kernel: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()

An array underflow vulnerability was found in the Linux kernel's AMD GPU power management driver. In vega20odneditdpmtable, the inputindex variable is validated to be at most 2 but is not checked for negative values. Since this value is user-controlled via sysfs, a user can provide a negative val...

kernel: Linux kernel: Resource exhaustion in amdgpu due to PCI device reference count leak

A flaw was found in the Linux kernel's drm/amdgpu component. A missing call to pcidevput in the amdgpuatrmgetbios function leads to a PCI device reference count leak. A local attacker could exploit this to cause resource exhaustion, potentially resulting in a Denial of Service DoS...

kernel: drm/amdgpu: SDMA update use unlocked iterator

A denial of service exists in the linux kernel such that there is a SDMA update page table may be called from an unlocked context, leading to damage to system availability and integrity...

kernel: drm/amdkfd: Fix double release compute pasid

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfdprocessdeviceinitvm returns failure after vm is converted to compute vm and vm-pasid set to compute pasid, KFD will not take pdd-drmfile reference. As a result, drm close file...

kernel: drm/amdgpu/powerplay/psm: Fix memory leak in power state init

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 "drm/amdgpu/powerplay/psm: return an error in power state init" made the power state init function return early in case of failure to get an entry...