{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-46820", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-09-11T15:12:18.284Z", "datePublished": "2024-09-27T12:36:00.639Z", "dateUpdated": "2024-12-19T09:23:50.942Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:23:50.942Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vcn: remove irq disabling in vcn 5 suspend\n\nWe do not directly enable/disable VCN IRQ in vcn 5.0.0.\nAnd we do not handle the IRQ state as well. So the calls to\ndisable IRQ and set state are removed. This effectively gets\nrid of the warining of\n \"WARN_ON(!amdgpu_irq_enabled(adev, src, type))\"\nin amdgpu_irq_put()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "aa92264ba6fd4fb570002f69762634221316e7ae", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "10fe1a79cd1bff3048e13120e93c02f8ecd05e9d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c"], "versions": [{"version": "6.10.9", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/aa92264ba6fd4fb570002f69762634221316e7ae"}, {"url": "https://git.kernel.org/stable/c/10fe1a79cd1bff3048e13120e93c02f8ecd05e9d"}], "title": "drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-29T14:14:00.959039Z", "id": "CVE-2024-46820", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T14:14:10.628Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-46820", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-29T14:14:00.959039Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T14:14:02.310Z"}}], "cna": {"title": "drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "aa92264ba6fd", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "10fe1a79cd1b", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "6.10.9", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/aa92264ba6fd4fb570002f69762634221316e7ae"}, {"url": "https://git.kernel.org/stable/c/10fe1a79cd1bff3048e13120e93c02f8ecd05e9d"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vcn: remove irq disabling in vcn 5 suspend\n\nWe do not directly enable/disable VCN IRQ in vcn 5.0.0.\nAnd we do not handle the IRQ state as well. So the calls to\ndisable IRQ and set state are removed. This effectively gets\nrid of the warining of\n \"WARN_ON(!amdgpu_irq_enabled(adev, src, type))\"\nin amdgpu_irq_put()."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:47:15.653Z"}}}, "cveMetadata": {"cveId": "CVE-2024-46820", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:47:15.653Z", "dateReserved": "2024-09-11T15:12:18.284Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-09-27T12:36:00.639Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F5B2E4D-6C25-4CEF-B66C-96048941FD98", "versionEndExcluding": "6.10.9", "versionStartIncluding": "6.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vcn: remove irq disabling in vcn 5 suspend\n\nWe do not directly enable/disable VCN IRQ in vcn 5.0.0.\nAnd we do not handle the IRQ state as well. So the calls to\ndisable IRQ and set state are removed. This effectively gets\nrid of the warining of\n \"WARN_ON(!amdgpu_irq_enabled(adev, src, type))\"\nin amdgpu_irq_put()."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu/vcn: eliminar la desactivaci\u00f3n de IRQ en la suspensi\u00f3n de VCN 5 No habilitamos/deshabilitamos directamente la IRQ de VCN en VCN 5.0.0. Y tampoco manejamos el estado de la IRQ. Por lo tanto, se eliminan las llamadas para deshabilitar la IRQ y establecer el estado. Esto elimina de manera efectiva la advertencia de \"WARN_ON(!amdgpu_irq_enabled(adev, src, type))\" en amdgpu_irq_put()."}], "id": "CVE-2024-46820", "lastModified": "2024-11-20T17:34:05.143", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-27T13:15:14.707", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/10fe1a79cd1bff3048e13120e93c02f8ecd05e9d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aa92264ba6fd4fb570002f69762634221316e7ae"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend", "id": "2315172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315172"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-667", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amdgpu/vcn: remove irq disabling in vcn 5 suspend\nWe do not directly enable/disable VCN IRQ in vcn 5.0.0.\nAnd we do not handle the IRQ state as well. So the calls to\ndisable IRQ and set state are removed. This effectively gets\nrid of the warining of\n\"WARN_ON(!amdgpu_irq_enabled(adev, src, type))\"\nin amdgpu_irq_put()."], "name": "CVE-2024-46820", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-09-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-46820\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-46820\nhttps://lore.kernel.org/linux-cve-announce/2024092712-CVE-2024-46820-6405@gregkh/T"], "statement": "This issue is considered to be a moderate impact flaw, as the exploitation for this will need an ADMIN (or ROOT) privilege (PR:H).", "threat_severity": "Low"}