{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41022", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.614Z", "datePublished": "2024-07-29T13:34:23.507Z", "dateUpdated": "2024-11-05T09:35:09.727Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:35:09.727Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()\n\nThe \"instance\" variable needs to be signed for the error handling to work."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c"], "versions": [{"version": "5594971e0276", "lessThan": "3dd9734878a9", "status": "affected", "versionType": "git"}, {"version": "8112fa72b7f1", "lessThan": "a5224e2123ce", "status": "affected", "versionType": "git"}, {"version": "ea906e9ac61e", "lessThan": "544fa213f15d", "status": "affected", "versionType": "git"}, {"version": "011552f29f20", "lessThan": "e8dfbf83a82b", "status": "affected", "versionType": "git"}, {"version": "5b0a3dc3e878", "lessThan": "4edb0a84e6b3", "status": "affected", "versionType": "git"}, {"version": "0964c84b93db", "lessThan": "d347c9a398bf", "status": "affected", "versionType": "git"}, {"version": "8b2faf1a4f3b", "lessThan": "298e2ce222e7", "status": "affected", "versionType": "git"}, {"version": "8b2faf1a4f3b", "lessThan": "6769a23697f1", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c"], "versions": [{"version": "6.10", "status": "affected"}, {"version": "0", "lessThan": "6.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.281", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.223", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.164", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.102", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.43", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.12", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.2", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/3dd9734878a9042f0358301d19a2b006a0fc4d06"}, {"url": "https://git.kernel.org/stable/c/a5224e2123ce21102f346f518db80f004d5053a7"}, {"url": "https://git.kernel.org/stable/c/544fa213f15d27f0370795845d55eeb3e00080d2"}, {"url": "https://git.kernel.org/stable/c/e8dfbf83a82bbfb9680921719fbe65e535af59ea"}, {"url": "https://git.kernel.org/stable/c/4edb0a84e6b32e75dc9bd6dd085b2c2ff19ec287"}, {"url": "https://git.kernel.org/stable/c/d347c9a398bf7eab9408d207c0a50fb720f9de7d"}, {"url": "https://git.kernel.org/stable/c/298e2ce222e712ffafa47288c5b2fcf33d72fda3"}, {"url": "https://git.kernel.org/stable/c/6769a23697f17f9bf9365ca8ed62fe37e361a05a"}], "title": "drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.181Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3dd9734878a9042f0358301d19a2b006a0fc4d06", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a5224e2123ce21102f346f518db80f004d5053a7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/544fa213f15d27f0370795845d55eeb3e00080d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e8dfbf83a82bbfb9680921719fbe65e535af59ea", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4edb0a84e6b32e75dc9bd6dd085b2c2ff19ec287", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d347c9a398bf7eab9408d207c0a50fb720f9de7d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/298e2ce222e712ffafa47288c5b2fcf33d72fda3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6769a23697f17f9bf9365ca8ed62fe37e361a05a", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41022", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:24:22.256864Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:04.993Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/3dd9734878a9042f0358301d19a2b006a0fc4d06", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a5224e2123ce21102f346f518db80f004d5053a7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/544fa213f15d27f0370795845d55eeb3e00080d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e8dfbf83a82bbfb9680921719fbe65e535af59ea", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4edb0a84e6b32e75dc9bd6dd085b2c2ff19ec287", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d347c9a398bf7eab9408d207c0a50fb720f9de7d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/298e2ce222e712ffafa47288c5b2fcf33d72fda3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6769a23697f17f9bf9365ca8ed62fe37e361a05a", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.181Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41022", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:24:22.256864Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:20.543Z"}}], "cna": {"title": "drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5594971e0276", "lessThan": "3dd9734878a9", "versionType": "git"}, {"status": "affected", "version": "8112fa72b7f1", "lessThan": "a5224e2123ce", "versionType": "git"}, {"status": "affected", "version": "ea906e9ac61e", "lessThan": "544fa213f15d", "versionType": "git"}, {"status": "affected", "version": "011552f29f20", "lessThan": "e8dfbf83a82b", "versionType": "git"}, {"status": "affected", "version": "5b0a3dc3e878", "lessThan": "4edb0a84e6b3", "versionType": "git"}, {"status": "affected", "version": "0964c84b93db", "lessThan": "d347c9a398bf", "versionType": "git"}, {"status": "affected", "version": "8b2faf1a4f3b", "lessThan": "298e2ce222e7", "versionType": "git"}, {"status": "affected", "version": "8b2faf1a4f3b", "lessThan": "6769a23697f1", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.10"}, {"status": "unaffected", "version": "0", "lessThan": "6.10", "versionType": "custom"}, {"status": "unaffected", "version": "5.4.281", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.223", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.164", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.102", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.43", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.12", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10.2", "versionType": "custom", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/amd/amdgpu/sdma_v4_0.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/3dd9734878a9042f0358301d19a2b006a0fc4d06"}, {"url": "https://git.kernel.org/stable/c/a5224e2123ce21102f346f518db80f004d5053a7"}, {"url": "https://git.kernel.org/stable/c/544fa213f15d27f0370795845d55eeb3e00080d2"}, {"url": "https://git.kernel.org/stable/c/e8dfbf83a82bbfb9680921719fbe65e535af59ea"}, {"url": "https://git.kernel.org/stable/c/4edb0a84e6b32e75dc9bd6dd085b2c2ff19ec287"}, {"url": "https://git.kernel.org/stable/c/d347c9a398bf7eab9408d207c0a50fb720f9de7d"}, {"url": "https://git.kernel.org/stable/c/298e2ce222e712ffafa47288c5b2fcf33d72fda3"}, {"url": "https://git.kernel.org/stable/c/6769a23697f17f9bf9365ca8ed62fe37e361a05a"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()\n\nThe \"instance\" variable needs to be signed for the error handling to work."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-09-15T17:52:13.431Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41022", "state": "PUBLISHED", "dateUpdated": "2024-09-15T17:52:13.431Z", "dateReserved": "2024-07-12T12:17:45.614Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-29T13:34:23.507Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()\n\nThe \"instance\" variable needs to be signed for the error handling to work."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: drm/amdgpu: corrigi\u00f3 el error de firma en sdma_v4_0_process_trap_irq() La variable \"instance\" debe estar firmada para que funcione el manejo de errores."}], "id": "CVE-2024-41022", "lastModified": "2024-07-29T16:21:52.517", "metrics": {}, "published": "2024-07-29T14:15:03.943", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/298e2ce222e712ffafa47288c5b2fcf33d72fda3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3dd9734878a9042f0358301d19a2b006a0fc4d06"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4edb0a84e6b32e75dc9bd6dd085b2c2ff19ec287"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/544fa213f15d27f0370795845d55eeb3e00080d2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6769a23697f17f9bf9365ca8ed62fe37e361a05a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a5224e2123ce21102f346f518db80f004d5053a7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d347c9a398bf7eab9408d207c0a50fb720f9de7d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e8dfbf83a82bbfb9680921719fbe65e535af59ea"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()", "id": "2300365", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300365"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H", "status": "draft"}, "cwe": "(CWE-191|CWE-388)", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq()\nThe \"instance\" variable needs to be signed for the error handling to work.", "A vulnerability was found in the AMDGPU DRM driver\u2019s sdma_v4_0_process_trap_irq() function in the Linux Kernel. This issue was addressed by correcting a signedness issue. The instance variable, which was previously unsigned, was changed to a signed type to ensure proper error handling."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-41022", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-41022\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41022\nhttps://lore.kernel.org/linux-cve-announce/2024072929-CVE-2024-41022-5696@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.281, kernel 5.10.223, kernel 5.15.164, kernel 6.1.102, kernel 6.6.43, kernel 6.9.12, kernel 6.10.2, kernel 6.11-rc1"}