{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-35952", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.135Z", "datePublished": "2024-05-20T09:41:46.656Z", "dateUpdated": "2024-09-11T17:32:48.783Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:31:51.975Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost's VGA driver. Even the most time-consuming task, DP's link\ntraining, is less than 100ms. 200ms should be enough."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/ast/ast_dp.c"], "versions": [{"version": "594e9c04b586", "lessThan": "8a6fea3fcb57", "status": "affected", "versionType": "git"}, {"version": "594e9c04b586", "lessThan": "a81b2acd43e2", "status": "affected", "versionType": "git"}, {"version": "594e9c04b586", "lessThan": "35768baf0fdf", "status": "affected", "versionType": "git"}, {"version": "594e9c04b586", "lessThan": "bc004f503822", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/ast/ast_dp.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.87", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.28", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8.7", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/8a6fea3fcb577a543ef67683ca7105bde49a38fb"}, {"url": "https://git.kernel.org/stable/c/a81b2acd43e24e419f65df97348c76a5a1496066"}, {"url": "https://git.kernel.org/stable/c/35768baf0fdfc47ede42d899506bad78450e9294"}, {"url": "https://git.kernel.org/stable/c/bc004f5038220b1891ef4107134ccae44be55109"}], "title": "drm/ast: Fix soft lockup", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.044Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8a6fea3fcb577a543ef67683ca7105bde49a38fb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a81b2acd43e24e419f65df97348c76a5a1496066", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/35768baf0fdfc47ede42d899506bad78450e9294", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bc004f5038220b1891ef4107134ccae44be55109", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35952", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:40:45.917761Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:48.783Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8a6fea3fcb577a543ef67683ca7105bde49a38fb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a81b2acd43e24e419f65df97348c76a5a1496066", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/35768baf0fdfc47ede42d899506bad78450e9294", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bc004f5038220b1891ef4107134ccae44be55109", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:49.044Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35952", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:40:45.917761Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:12.692Z"}}], "cna": {"title": "drm/ast: Fix soft lockup", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "594e9c04b586", "lessThan": "8a6fea3fcb57", "versionType": "git"}, {"status": "affected", "version": "594e9c04b586", "lessThan": "a81b2acd43e2", "versionType": "git"}, {"status": "affected", "version": "594e9c04b586", "lessThan": "35768baf0fdf", "versionType": "git"}, {"status": "affected", "version": "594e9c04b586", "lessThan": "bc004f503822", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/ast/ast_dp.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.19"}, {"status": "unaffected", "version": "0", "lessThan": "5.19", "versionType": "custom"}, {"status": "unaffected", "version": "6.1.87", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.28", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.7", "versionType": "custom", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/ast/ast_dp.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/8a6fea3fcb577a543ef67683ca7105bde49a38fb"}, {"url": "https://git.kernel.org/stable/c/a81b2acd43e24e419f65df97348c76a5a1496066"}, {"url": "https://git.kernel.org/stable/c/35768baf0fdfc47ede42d899506bad78450e9294"}, {"url": "https://git.kernel.org/stable/c/bc004f5038220b1891ef4107134ccae44be55109"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost's VGA driver. Even the most time-consuming task, DP's link\ntraining, is less than 100ms. 200ms should be enough."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:31:51.975Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35952", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:32:48.783Z", "dateReserved": "2024-05-17T13:50:33.135Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-20T09:41:46.656Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost's VGA driver. Even the most time-consuming task, DP's link\ntraining, is less than 100ms. 200ms should be enough."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/ast: corrige el bloqueo suave. Hay un bucle while en ast_dp_set_on_off() que podr\u00eda generar un bucle infinito. Esto se debe a que el registro, VGACRI-Dx, marcado en esta API es un registro temporal en realidad controlado por una MCU, denominada DPMCU, en BMC. Estos registros de scratch est\u00e1n protegidos por scu-lock. Si suc-lock no est\u00e1 desactivado, DPMCU no puede actualizar estos registros y luego el host tendr\u00e1 un bloqueo suave debido a que el estado nunca se actualiz\u00f3. DPMCU se utiliza para controlar DP y los registros relativos al protocolo de enlace con el controlador VGA del host. Incluso la tarea que consume m\u00e1s tiempo, el entrenamiento de enlaces de DP, dura menos de 100 ms. 200 ms deber\u00edan ser suficientes."}], "id": "CVE-2024-35952", "lastModified": "2024-05-20T13:00:04.957", "metrics": {}, "published": "2024-05-20T10:15:10.643", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/35768baf0fdfc47ede42d899506bad78450e9294"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8a6fea3fcb577a543ef67683ca7105bde49a38fb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a81b2acd43e24e419f65df97348c76a5a1496066"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bc004f5038220b1891ef4107134ccae44be55109"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}], "bugzilla": {"description": "kernel: drm/ast: Fix soft lockup", "id": "2281938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281938"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/ast: Fix soft lockup\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\nDPMCU is used to control DP and relative registers to handshake with\nhost's VGA driver. Even the most time-consuming task, DP's link\ntraining, is less than 100ms. 200ms should be enough."], "name": "CVE-2024-35952", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35952\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35952\nhttps://lore.kernel.org/linux-cve-announce/2024052017-CVE-2024-35952-645b@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 6.1.87, kernel 6.6.28, kernel 6.8.7, kernel 6.9"}