{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27411", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:47:42.682Z", "datePublished": "2024-05-17T11:50:46.770Z", "dateUpdated": "2025-05-04T09:04:33.441Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:04:33.441Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: keep DMA buffers required for suspend/resume\n\nNouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.\nThis is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.\n\nThis commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c"], "versions": [{"version": "6190d4c08897d748dd25f0b78267a90aa1694e15", "lessThan": "be00e15b240ed71fc30c0576af7ab670c8271661", "status": "affected", "versionType": "git"}, {"version": "042b5f83841fbf7ce39474412db3b5e4765a7ea7", "lessThan": "f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c"], "versions": [{"version": "6.7.6", "lessThan": "6.7.9", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.6", "versionEndExcluding": "6.7.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/be00e15b240ed71fc30c0576af7ab670c8271661"}, {"url": "https://git.kernel.org/stable/c/f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e"}], "title": "drm/nouveau: keep DMA buffers required for suspend/resume", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:52.193Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/be00e15b240ed71fc30c0576af7ab670c8271661", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27411", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:43:09.899488Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:25.106Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/be00e15b240ed71fc30c0576af7ab670c8271661", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:52.193Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27411", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:43:09.899488Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.588Z"}}], "cna": {"title": "drm/nouveau: keep DMA buffers required for suspend/resume", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6190d4c08897d748dd25f0b78267a90aa1694e15", "lessThan": "be00e15b240ed71fc30c0576af7ab670c8271661", "versionType": "git"}, {"status": "affected", "version": "042b5f83841fbf7ce39474412db3b5e4765a7ea7", "lessThan": "f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.7.6", "lessThan": "6.7.9", "versionType": "semver"}], "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/be00e15b240ed71fc30c0576af7ab670c8271661"}, {"url": "https://git.kernel.org/stable/c/f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: keep DMA buffers required for suspend/resume\n\nNouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.\nThis is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.\n\nThis commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:54:31.459Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27411", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:54:31.459Z", "dateReserved": "2024-02-25T13:47:42.682Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T11:50:46.770Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9ADD2879-4CBE-4429-88AE-A23574F0F4AB", "versionEndExcluding": "6.7.9", "versionStartIncluding": "6.7.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*", "matchCriteriaId": "62075ACE-B2A0-4B16-829D-B3DA5AE5CC41", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*", "matchCriteriaId": "A780F817-2A77-4130-A9B7-5C25606314E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.8:rc6:*:*:*:*:*:*", "matchCriteriaId": "AEB9199B-AB8F-4877-8964-E2BA95B5F15C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: keep DMA buffers required for suspend/resume\n\nNouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.\nThis is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.\n\nThis commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/nouveau: mantiene los buffers DMA necesarios para suspender/reanudar Nouveau desasigna algunos buffers despu\u00e9s del inicio de GPU que son necesarios para que la suspensi\u00f3n/reanudaci\u00f3n de GPU funcione correctamente. Probablemente esto no sea un problema tan grande en sistemas donde la NVGPU es la \u00fanica GPU, pero en configuraciones de m\u00faltiples GPU conduce a una regresi\u00f3n en la que el m\u00f3dulo del kernel genera errores y provoca una congelaci\u00f3n de la representaci\u00f3n en todo el sistema. Esta confirmaci\u00f3n soluciona esa regresi\u00f3n moviendo los dos buffers necesarios para suspender y reanudar para que se desasignen durante la descarga del controlador en lugar de despu\u00e9s del inicio."}], "id": "CVE-2024-27411", "lastModified": "2025-09-26T17:05:58.223", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T12:15:11.910", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/be00e15b240ed71fc30c0576af7ab670c8271661"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/be00e15b240ed71fc30c0576af7ab670c8271661"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f6ecfdad359a01c7fd8a3bcfde3ef0acdf107e6e"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/nouveau: keep DMA buffers required for suspend/resume", "id": "2281111", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281111"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-826", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/nouveau: keep DMA buffers required for suspend/resume\nNouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.\nThis is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.\nThis commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init.", "A flaw was found in the nouveau module in the Linux kernel. In multi-GPU setups, a system-wide rendering freeze can occur when suspending/resuming the system because some resources are released in the wrong place, resulting in a denial of service."], "name": "CVE-2024-27411", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27411\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27411\nhttps://lore.kernel.org/linux-cve-announce/2024051701-CVE-2024-27411-1af2@gregkh/T"], "statement": "The nouveau module in the Linux kernel as shipped in Red Hat Enterprise Linux 8 and 9 is not affected by this vulnerability because the vulnerable code was introduced in a newer version of the Linux kernel.", "threat_severity": "Moderate"}

{"created": "2025-07-12T16:01:22.616200+00:00", "updated": "2025-07-12T16:01:22.616251+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}