Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2024-36018
HistoryMay 30, 2024 - 2:59 p.m.

CVE-2024-36018 nouveau/uvmm: fix addr/range calcs for remap operations

2024-05-3014:59:42
Linux
github.com
1
linux kernel
vulnerability
resolved
nouveau/uvmm
remap operation
deqp-vk.sparse_resources
image_rebind
pagetables
oopsing
kernel
cve-2024-36018

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved:

nouveau/uvmm: fix addr/range calcs for remap operations

dEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8
was causing a remap operation like the below.

op_remap: prev: 0000003fffed0000 00000000000f0000 00000000a5abd18a 0000000000000000
op_remap: next:
op_remap: unmap: 0000003fffed0000 0000000000100000 0
op_map: map: 0000003ffffc0000 0000000000010000 000000005b1ba33c 00000000000e0000

This was resulting in an unmap operation from 0x3fffed0000+0xf0000, 0x100000
which was corrupting the pagetables and oopsing the kernel.

Fixes the prev + unmap range calcs to use start/end and map back to addr/range.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/gpu/drm/nouveau/nouveau_uvmm.c"
    ],
    "versions": [
      {
        "version": "b88baab82871",
        "lessThan": "692a51bebf45",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b88baab82871",
        "lessThan": "0c16020d2b69",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b88baab82871",
        "lessThan": "be141849ec00",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/gpu/drm/nouveau/nouveau_uvmm.c"
    ],
    "versions": [
      {
        "version": "6.6",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.6",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.26",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.8.5",
        "lessThanOrEqual": "6.8.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.9",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

cve 1
redhatcve 1
ubuntucve 1
nvd 1
debiancve 1
cvelist 1
nessus 1
cve
cve
CVE-2024-36018
2024-05-30 15:15:48
redhatcve
redhatcve
CVE-2024-36018
2024-06-03 09:01:11
ubuntucve
ubuntucve
CVE-2024-36018
2024-05-30 00:00:00
nvd
nvd
CVE-2024-36018
2024-05-30 15:15:48
debiancve
debiancve
CVE-2024-36018
2024-05-30 15:15:48
cvelist
cvelist
CVE-2024-36018 nouveau/uvmm: fix addr/range calcs for remap operations
2024-05-30 14:59:42
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2135-1)
2024-06-22 00:00:00

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for VULNRICHMENT:CVE-2024-36018
cve1redhatcve1ubuntucve1nvd1debiancve1cvelist1nessus1