cve/published/2024/CVE-2024-53060.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-53060: drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported

 acpi_evaluate_object() may return AE_NOT_FOUND (failure), which
 would result in dereferencing buffer.pointer (obj) while being NULL.

 Although this case may be unrealistic for the current code, it is
 still better to protect against possible bugs.

 Bail out also when status is AE_NOT_FOUND.

 This fixes 1 FORWARD_NULL issue reported by Coverity
 Report: CID 1600951:  Null pointer dereferences  (FORWARD_NULL)

 (cherry picked from commit 91c9e221fe2553edf2db71627d8453f083de87a1)

 The Linux kernel CVE team has assigned CVE-2024-53060 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 4.19.323 with commit 58556dcbd5606a5daccaee73b2130bc16b48e025 and fixed in 4.19.324 with commit ce8a00a00e36f61f5a1e47734332420b68784c43
 	Issue introduced in 5.4.285 with commit 43b4fa6e0e238c6e2662f4fb61d9f51c2785fb1d and fixed in 5.4.286 with commit 8d7a28eca7553d35d4ce192fa1f390f2357df41b
 	Issue introduced in 5.10.229 with commit 234682910971732cd4da96fd95946e296e486b38 and fixed in 5.10.230 with commit 2ac7f253deada4d449559b65a1c1cd0a6f6f19b7
 	Issue introduced in 5.15.170 with commit 6032287747f874b52dc8b9d7490e2799736e035f and fixed in 5.15.172 with commit 27fc29b5376998c126c85cf9b15d9dfc2afc9cbe
 	Issue introduced in 6.1.115 with commit cd67af3c1762de4c2483ae4dbdd98f9ea8fa56e3 and fixed in 6.1.117 with commit 1a9f55ed5b512f510ccd21ad527d532e60550e80
 	Issue introduced in 6.6.59 with commit 975ede2a7bec52b5da1428829b3439667c8a234b and fixed in 6.6.61 with commit a613a392417532ca5aaf3deac6e3277aa7aaef2b
 	Issue introduced in 6.11.6 with commit 1d7175f9c57b1abf9ecfbdfd53ea760761f52ffe and fixed in 6.11.8 with commit b9d9881237afeb52eddd70077b7174bf17e2fa30

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-53060
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/ce8a00a00e36f61f5a1e47734332420b68784c43
 	https://git.kernel.org/stable/c/8d7a28eca7553d35d4ce192fa1f390f2357df41b
 	https://git.kernel.org/stable/c/2ac7f253deada4d449559b65a1c1cd0a6f6f19b7
 	https://git.kernel.org/stable/c/27fc29b5376998c126c85cf9b15d9dfc2afc9cbe
 	https://git.kernel.org/stable/c/1a9f55ed5b512f510ccd21ad527d532e60550e80
 	https://git.kernel.org/stable/c/a613a392417532ca5aaf3deac6e3277aa7aaef2b
 	https://git.kernel.org/stable/c/b9d9881237afeb52eddd70077b7174bf17e2fa30
 	https://git.kernel.org/stable/c/a6dd15981c03f2cdc9a351a278f09b5479d53d2e
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-53060: drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported

	acpi_evaluate_object() may return AE_NOT_FOUND (failure), which
	would result in dereferencing buffer.pointer (obj) while being NULL.

	Although this case may be unrealistic for the current code, it is
	still better to protect against possible bugs.

	Bail out also when status is AE_NOT_FOUND.

	This fixes 1 FORWARD_NULL issue reported by Coverity
	Report: CID 1600951: Null pointer dereferences (FORWARD_NULL)

	(cherry picked from commit 91c9e221fe2553edf2db71627d8453f083de87a1)

	The Linux kernel CVE team has assigned CVE-2024-53060 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 4.19.323 with commit 58556dcbd5606a5daccaee73b2130bc16b48e025 and fixed in 4.19.324 with commit ce8a00a00e36f61f5a1e47734332420b68784c43
	Issue introduced in 5.4.285 with commit 43b4fa6e0e238c6e2662f4fb61d9f51c2785fb1d and fixed in 5.4.286 with commit 8d7a28eca7553d35d4ce192fa1f390f2357df41b
	Issue introduced in 5.10.229 with commit 234682910971732cd4da96fd95946e296e486b38 and fixed in 5.10.230 with commit 2ac7f253deada4d449559b65a1c1cd0a6f6f19b7
	Issue introduced in 5.15.170 with commit 6032287747f874b52dc8b9d7490e2799736e035f and fixed in 5.15.172 with commit 27fc29b5376998c126c85cf9b15d9dfc2afc9cbe
	Issue introduced in 6.1.115 with commit cd67af3c1762de4c2483ae4dbdd98f9ea8fa56e3 and fixed in 6.1.117 with commit 1a9f55ed5b512f510ccd21ad527d532e60550e80
	Issue introduced in 6.6.59 with commit 975ede2a7bec52b5da1428829b3439667c8a234b and fixed in 6.6.61 with commit a613a392417532ca5aaf3deac6e3277aa7aaef2b
	Issue introduced in 6.11.6 with commit 1d7175f9c57b1abf9ecfbdfd53ea760761f52ffe and fixed in 6.11.8 with commit b9d9881237afeb52eddd70077b7174bf17e2fa30

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-53060
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/ce8a00a00e36f61f5a1e47734332420b68784c43
	https://git.kernel.org/stable/c/8d7a28eca7553d35d4ce192fa1f390f2357df41b
	https://git.kernel.org/stable/c/2ac7f253deada4d449559b65a1c1cd0a6f6f19b7
	https://git.kernel.org/stable/c/27fc29b5376998c126c85cf9b15d9dfc2afc9cbe
	https://git.kernel.org/stable/c/1a9f55ed5b512f510ccd21ad527d532e60550e80
	https://git.kernel.org/stable/c/a613a392417532ca5aaf3deac6e3277aa7aaef2b
	https://git.kernel.org/stable/c/b9d9881237afeb52eddd70077b7174bf17e2fa30
	https://git.kernel.org/stable/c/a6dd15981c03f2cdc9a351a278f09b5479d53d2e