Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2024-26940

Disclosure Date: May 01, 2024
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed

The driver creates /sys/kernel/debug/dri/0/mob_ttm even when the
corresponding ttm_resource_manager is not allocated.
This leads to a crash when trying to read from this file.

Add a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file
only when the corresponding ttm_resource_manager is allocated.

crash> bt
PID: 3133409 TASK: ffff8fe4834a5000 CPU: 3 COMMAND: “grep”
#0 [ffffb954506b3b20] machine_kexec at ffffffffb2a6bec3
#1 [ffffb954506b3b78] __crash_kexec at ffffffffb2bb598a
#2 [ffffb954506b3c38] crash_kexec at ffffffffb2bb68c1
#3 [ffffb954506b3c50] oops_end at ffffffffb2a2a9b1
#4 [ffffb954506b3c70] no_context at ffffffffb2a7e913
#5 [ffffb954506b3cc8] __bad_area_nosemaphore at ffffffffb2a7ec8c
#6 [ffffb954506b3d10] do_page_fault at ffffffffb2a7f887
#7 [ffffb954506b3d40] page_fault at ffffffffb360116e

[exception RIP: ttm_resource_manager_debug+0x11]
RIP: ffffffffc04afd11  RSP: ffffb954506b3df0  RFLAGS: 00010246
RAX: ffff8fe41a6d1200  RBX: 0000000000000000  RCX: 0000000000000940
RDX: 0000000000000000  RSI: ffffffffc04b4338  RDI: 0000000000000000
RBP: ffffb954506b3e08   R8: ffff8fee3ffad000   R9: 0000000000000000
R10: ffff8fe41a76a000  R11: 0000000000000001  R12: 00000000ffffffff
R13: 0000000000000001  R14: ffff8fe5bb6f3900  R15: ffff8fe41a6d1200
ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018

#8 [ffffb954506b3e00] ttm_resource_manager_show at ffffffffc04afde7 [ttm]
#9 [ffffb954506b3e30] seq_read at ffffffffb2d8f9f3

RIP: 00007f4c4eda8985  RSP: 00007ffdbba9e9f8  RFLAGS: 00000246
RAX: ffffffffffffffda  RBX: 000000000037e000  RCX: 00007f4c4eda8985
RDX: 000000000037e000  RSI: 00007f4c41573000  RDI: 0000000000000003
RBP: 000000000037e000   R8: 0000000000000000   R9: 000000000037fe30
R10: 0000000000000000  R11: 0000000000000246  R12: 00007f4c41573000
R13: 0000000000000003  R14: 00007f4c41572010  R15: 0000000000000003
ORIG_RAX: 0000000000000000  CS: 0033  SS: 002b

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • Linux

Products

  • Linux
Technical Analysis