CVE-2024-35817
drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
17 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
Otherwise after the GTT bo is released, the GTT and gart space is freed
but amdgpu_ttm_backend_unbind will not clear the gart page table entry
and leave valid mapping entry pointing to the stale system page. Then
if GPU access the gart address mistakely, it will read undefined value
instead page fault, harder to debug and reproduce the real issue.
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/589c414138a1bed98e652c905937d8f790804efehttps://git.kernel.org/stable/c/5cdce3dda3b3dacde902f63a8ee72c2b7f91912dhttps://git.kernel.org/stable/c/5d5f1a7f3b1039925f79c7894f153c2a905201fbhttps://git.kernel.org/stable/c/6c6064cbe58b43533e3451ad6a8ba9736c109ac3https://git.kernel.org/stable/c/6fcd12cb90888ef2d8af8d4c04e913252eee4ef3https://git.kernel.org/stable/c/e8d27caef2c829a306e1f762fb95f06e8ec676f6