|
Vulnerabilities
< Back

CVE-2024-41011

Updated on 18 Jul 2024

Severity

7.8 High severity

Details

CVSS score
7.8
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE ID
Links
NISTCIRCLRHELUbuntu

Overview

About vulnerability

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: don’t allow mapping the MMIO HDP page with large pages

We don’t get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM. However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space.

Details

Affected product:
AlmaLinux 9.2 ESU , Oracle Linux 7 ELS , Ubuntu 18.04 ELS
Affected packages:
linux @ 4.15.0 (+2 more)

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: don’t allow mapping the MMIO HDP page with large pages

We don’t get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM. However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space.

Fixes