CVE-2024-37026 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context scheduling queue is 2 entires deep, thus it is possible for a migration job to be stuck behind a fault if migration exec queue shares engines with user jobs. This can deadlock as the migrate exec queue is required to service page faults. Avoid deadlock by only using reserved BCS instances for usm migrate exec queue. (cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c
https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c
https://lore.kernel.org/linux-cve-announce/2024062400-CVE-2024-37026-1d57@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-37026
https://www.cve.org/CVERecord?id=CVE-2024-37026

History

Tue, 05 Nov 2024 10:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-06-24T13:56:52.759Z

Updated: 2024-11-05T09:29:17.185Z

Reserved: 2024-06-24T13:53:25.523Z

Link: CVE-2024-37026

Vulnrichment

Updated: 2024-08-02T03:43:50.627Z

NVD

Status : Awaiting Analysis

Published: 2024-06-24T14:15:12.307

Modified: 2024-06-24T19:26:47.037

Link: CVE-2024-37026

Redhat

Severity : Low

Publid Date: 2024-06-24T00:00:00Z

Links: CVE-2024-37026 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-37026", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-24T13:53:25.523Z", "datePublished": "2024-06-24T13:56:52.759Z", "dateUpdated": "2024-11-05T09:29:17.185Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:29:17.185Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Only use reserved BCS instances for usm migrate exec queue\n\nThe GuC context scheduling queue is 2 entires deep, thus it is possible\nfor a migration job to be stuck behind a fault if migration exec queue\nshares engines with user jobs. This can deadlock as the migrate exec\nqueue is required to service page faults. Avoid deadlock by only using\nreserved BCS instances for usm migrate exec queue.\n\n(cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/xe/xe_migrate.c"], "versions": [{"version": "a043fbab7af5", "lessThan": "92deed4a9bfd", "status": "affected", "versionType": "git"}, {"version": "a043fbab7af5", "lessThan": "c8ea2c31f5ea", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/xe/xe_migrate.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.4", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c"}, {"url": "https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c"}], "title": "drm/xe: Only use reserved BCS instances for usm migrate exec queue", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:43:50.627Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37026", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:08:27.545897Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:43.136Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:43:50.627Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-37026", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:08:27.545897Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:25.358Z"}}], "cna": {"title": "drm/xe: Only use reserved BCS instances for usm migrate exec queue", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "a043fbab7af5", "lessThan": "92deed4a9bfd", "versionType": "git"}, {"status": "affected", "version": "a043fbab7af5", "lessThan": "c8ea2c31f5ea", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/xe/xe_migrate.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.8"}, {"status": "unaffected", "version": "0", "lessThan": "6.8", "versionType": "semver"}, {"status": "unaffected", "version": "6.9.4", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/xe/xe_migrate.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/92deed4a9bfd9ef187764225bba530116c49e15c"}, {"url": "https://git.kernel.org/stable/c/c8ea2c31f5ea437199b239d76ad5db27343edb0c"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Only use reserved BCS instances for usm migrate exec queue\n\nThe GuC context scheduling queue is 2 entires deep, thus it is possible\nfor a migration job to be stuck behind a fault if migration exec queue\nshares engines with user jobs. This can deadlock as the migrate exec\nqueue is required to service page faults. Avoid deadlock by only using\nreserved BCS instances for usm migrate exec queue.\n\n(cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:29:17.185Z"}}}, "cveMetadata": {"cveId": "CVE-2024-37026", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:29:17.185Z", "dateReserved": "2024-06-24T13:53:25.523Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-24T13:56:52.759Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: drm/xe: Only use reserved BCS instances for usm migrate exec queue", "id": "2294210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294210"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-833", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/xe: Only use reserved BCS instances for usm migrate exec queue\nThe GuC context scheduling queue is 2 entires deep, thus it is possible\nfor a migration job to be stuck behind a fault if migration exec queue\nshares engines with user jobs. This can deadlock as the migrate exec\nqueue is required to service page faults. Avoid deadlock by only using\nreserved BCS instances for usm migrate exec queue.\n(cherry picked from commit 04f4a70a183a688a60fe3882d6e4236ea02cfc67)"], "name": "CVE-2024-37026", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-37026\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-37026\nhttps://lore.kernel.org/linux-cve-announce/2024062400-CVE-2024-37026-1d57@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 6.9.4, kernel 6.10-rc2"}