Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2024-26940

Disclosure Date: May 01, 2024 •

CVE-2024-26940

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed

The driver creates /sys/kernel/debug/dri/0/mob_ttm even when the
corresponding ttm_resource_manager is not allocated.
This leads to a crash when trying to read from this file.

Add a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file
only when the corresponding ttm_resource_manager is allocated.

crash> bt
PID: 3133409 TASK: ffff8fe4834a5000 CPU: 3 COMMAND: “grep”
#0 [ffffb954506b3b20] machine_kexec at ffffffffb2a6bec3
#1 [ffffb954506b3b78] __crash_kexec at ffffffffb2bb598a
#2 [ffffb954506b3c38] crash_kexec at ffffffffb2bb68c1
#3 [ffffb954506b3c50] oops_end at ffffffffb2a2a9b1
#4 [ffffb954506b3c70] no_context at ffffffffb2a7e913
#5 [ffffb954506b3cc8] __bad_area_nosemaphore at ffffffffb2a7ec8c
#6 [ffffb954506b3d10] do_page_fault at ffffffffb2a7f887
#7 [ffffb954506b3d40] page_fault at ffffffffb360116e

[exception RIP: ttm_resource_manager_debug+0x11]
RIP: ffffffffc04afd11  RSP: ffffb954506b3df0  RFLAGS: 00010246
RAX: ffff8fe41a6d1200  RBX: 0000000000000000  RCX: 0000000000000940
RDX: 0000000000000000  RSI: ffffffffc04b4338  RDI: 0000000000000000
RBP: ffffb954506b3e08   R8: ffff8fee3ffad000   R9: 0000000000000000
R10: ffff8fe41a76a000  R11: 0000000000000001  R12: 00000000ffffffff
R13: 0000000000000001  R14: ffff8fe5bb6f3900  R15: ffff8fe41a6d1200
ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018

#8 [ffffb954506b3e00] ttm_resource_manager_show at ffffffffc04afde7 [ttm]
#9 [ffffb954506b3e30] seq_read at ffffffffb2d8f9f3

RIP: 00007f4c4eda8985  RSP: 00007ffdbba9e9f8  RFLAGS: 00000246
RAX: ffffffffffffffda  RBX: 000000000037e000  RCX: 00007f4c4eda8985
RDX: 000000000037e000  RSI: 00007f4c41573000  RDI: 0000000000000003
RBP: 000000000037e000   R8: 0000000000000000   R9: 000000000037fe30
R10: 0000000000000000  R11: 0000000000000246  R12: 00007f4c41573000
R13: 0000000000000003  R14: 00007f4c41572010  R15: 0000000000000003
ORIG_RAX: 0000000000000000  CS: 0033  SS: 002b

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Linux

Products

Linux

References

Canonical

CVE-2024-26940 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26940)

Miscellaneous

https://git.kernel.org/stable/c/016119154981d81c9e8f2ea3f56b9e2b4ea14500

https://git.kernel.org/stable/c/042ef0afc40fa1a22b3608f22915b91ce39d128f

https://git.kernel.org/stable/c/25e3ce59c1200f1f0563e39de151f34962ab0fe1

https://git.kernel.org/stable/c/eb08db0fc5354fa17b7ed66dab3c503332423451

https://git.kernel.org/stable/c/4be9075fec0a639384ed19975634b662bfab938f

Rapid7

Unknown

CVE-2024-26940

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-26940

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-26940

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-26940

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification