cve/published/2024/CVE-2024-53116.json - pub/scm/linux/security/vulns - Git at Google

 {
    "containers": {
       "cna": {
          "providerMetadata": {
             "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
          },
          "descriptions": [
             {
                "lang": "en",
                "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix handling of partial GPU mapping of BOs\n\nThis commit fixes the bug in the handling of partial mapping of the\nbuffer objects to the GPU, which caused kernel warnings.\n\nPanthor didn't correctly handle the case where the partial mapping\nspanned multiple scatterlists and the mapping offset didn't point\nto the 1st page of starting scatterlist. The offset variable was\nnot cleared after reaching the starting scatterlist.\n\nFollowing warning messages were seen.\nWARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0\n<snip>\npc : __arm_lpae_unmap+0x254/0x5a0\nlr : __arm_lpae_unmap+0x2cc/0x5a0\n<snip>\nCall trace:\n __arm_lpae_unmap+0x254/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n arm_lpae_unmap_pages+0x80/0xa0\n panthor_vm_unmap_pages+0xac/0x1c8 [panthor]\n panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor]\n op_unmap_cb.isra.23.constprop.30+0x54/0x80\n __drm_gpuvm_sm_unmap+0x184/0x1c8\n drm_gpuvm_sm_unmap+0x40/0x60\n panthor_vm_exec_op+0xa8/0x120 [panthor]\n panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor]\n panthor_ioctl_vm_bind+0x10c/0x170 [panthor]\n drm_ioctl_kernel+0xbc/0x138\n drm_ioctl+0x210/0x4b0\n __arm64_sys_ioctl+0xb0/0xf8\n invoke_syscall+0x4c/0x110\n el0_svc_common.constprop.1+0x98/0xf8\n do_el0_svc+0x24/0x38\n el0_svc+0x34/0xc8\n el0t_64_sync_handler+0xa0/0xc8\n el0t_64_sync+0x174/0x178\n<snip>\npanthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount)\nWARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n<snip>\npc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\nlr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n<snip>\npanthor : [drm] *ERROR* failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000)"
             }
          ],
          "affected": [
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "unaffected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "drivers/gpu/drm/panthor/panthor_mmu.c"
                ],
                "versions": [
                   {
                      "version": "647810ec247641eb5aec8caef818919a4518a0b1",
                      "lessThan": "d3e61af64b770e0038470c81f42bd1d0598f6bcc",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "647810ec247641eb5aec8caef818919a4518a0b1",
                      "lessThan": "3387e043918e154ca08d83954966a8b087fe2835",
                      "status": "affected",
                      "versionType": "git"
                   }
                ]
             },
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "affected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "drivers/gpu/drm/panthor/panthor_mmu.c"
                ],
                "versions": [
                   {
                      "version": "6.10",
                      "status": "affected"
                   },
                   {
                      "version": "0",
                      "lessThan": "6.10",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.11.10",
                      "lessThanOrEqual": "6.11.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.12",
                      "lessThanOrEqual": "*",
                      "status": "unaffected",
                      "versionType": "original_commit_for_fix"
                   }
                ]
             }
          ],
          "cpeApplicability": [
             {
                "nodes": [
                   {
                      "operator": "OR",
                      "negate": false,
                      "cpeMatch": [
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.10",
                            "versionEndExcluding": "6.11.10"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.10",
                            "versionEndExcluding": "6.12"
                         }
                      ]
                   }
                ]
             }
          ],
          "references": [
             {
                "url": "https://git.kernel.org/stable/c/d3e61af64b770e0038470c81f42bd1d0598f6bcc"
             },
             {
                "url": "https://git.kernel.org/stable/c/3387e043918e154ca08d83954966a8b087fe2835"
             }
          ],
          "title": "drm/panthor: Fix handling of partial GPU mapping of BOs",
          "x_generator": {
             "engine": "bippy-1.2.0"
          }
       }
    },
    "cveMetadata": {
       "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
       "cveID": "CVE-2024-53116",
       "requesterUserId": "gregkh@kernel.org",
       "serial": "1",
       "state": "PUBLISHED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.0"
 }
	{
	"containers": {
	"cna": {
	"providerMetadata": {
	"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
	},
	"descriptions": [
	{
	"lang": "en",
	"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix handling of partial GPU mapping of BOs\n\nThis commit fixes the bug in the handling of partial mapping of the\nbuffer objects to the GPU, which caused kernel warnings.\n\nPanthor didn't correctly handle the case where the partial mapping\nspanned multiple scatterlists and the mapping offset didn't point\nto the 1st page of starting scatterlist. The offset variable was\nnot cleared after reaching the starting scatterlist.\n\nFollowing warning messages were seen.\nWARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0\n<snip>\npc : __arm_lpae_unmap+0x254/0x5a0\nlr : __arm_lpae_unmap+0x2cc/0x5a0\n<snip>\nCall trace:\n __arm_lpae_unmap+0x254/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n __arm_lpae_unmap+0x108/0x5a0\n arm_lpae_unmap_pages+0x80/0xa0\n panthor_vm_unmap_pages+0xac/0x1c8 [panthor]\n panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor]\n op_unmap_cb.isra.23.constprop.30+0x54/0x80\n __drm_gpuvm_sm_unmap+0x184/0x1c8\n drm_gpuvm_sm_unmap+0x40/0x60\n panthor_vm_exec_op+0xa8/0x120 [panthor]\n panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor]\n panthor_ioctl_vm_bind+0x10c/0x170 [panthor]\n drm_ioctl_kernel+0xbc/0x138\n drm_ioctl+0x210/0x4b0\n __arm64_sys_ioctl+0xb0/0xf8\n invoke_syscall+0x4c/0x110\n el0_svc_common.constprop.1+0x98/0xf8\n do_el0_svc+0x24/0x38\n el0_svc+0x34/0xc8\n el0t_64_sync_handler+0xa0/0xc8\n el0t_64_sync+0x174/0x178\n<snip>\npanthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount)\nWARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n<snip>\npc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\nlr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor]\n<snip>\npanthor : [drm] ERROR failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000)"
	}
	],
	"affected": [
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "unaffected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"drivers/gpu/drm/panthor/panthor_mmu.c"
	],
	"versions": [
	{
	"version": "647810ec247641eb5aec8caef818919a4518a0b1",
	"lessThan": "d3e61af64b770e0038470c81f42bd1d0598f6bcc",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "647810ec247641eb5aec8caef818919a4518a0b1",
	"lessThan": "3387e043918e154ca08d83954966a8b087fe2835",
	"status": "affected",
	"versionType": "git"
	}
	]
	},
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "affected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"drivers/gpu/drm/panthor/panthor_mmu.c"
	],
	"versions": [
	{
	"version": "6.10",
	"status": "affected"
	},
	{
	"version": "0",
	"lessThan": "6.10",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.11.10",
	"lessThanOrEqual": "6.11.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.12",
	"lessThanOrEqual": "*",
	"status": "unaffected",
	"versionType": "original_commit_for_fix"
	}
	]
	}
	],
	"cpeApplicability": [
	{
	"nodes": [
	{
	"operator": "OR",
	"negate": false,
	"cpeMatch": [
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.10",
	"versionEndExcluding": "6.11.10"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.10",
	"versionEndExcluding": "6.12"
	}
	]
	}
	]
	}
	],
	"references": [
	{
	"url": "https://git.kernel.org/stable/c/d3e61af64b770e0038470c81f42bd1d0598f6bcc"
	},
	{
	"url": "https://git.kernel.org/stable/c/3387e043918e154ca08d83954966a8b087fe2835"
	}
	],
	"title": "drm/panthor: Fix handling of partial GPU mapping of BOs",
	"x_generator": {
	"engine": "bippy-1.2.0"
	}
	}
	},
	"cveMetadata": {
	"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
	"cveID": "CVE-2024-53116",
	"requesterUserId": "gregkh@kernel.org",
	"serial": "1",
	"state": "PUBLISHED"
	},
	"dataType": "CVE_RECORD",
	"dataVersion": "5.0"
	}