{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-46837", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-09-11T15:12:18.288Z", "datePublished": "2024-09-27T12:39:33.089Z", "dateUpdated": "2024-11-05T09:47:35.193Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:47:35.193Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Restrict high priorities on group_create\n\nWe were allowing any users to create a high priority group without any\npermission checks. As a result, this was allowing possible denial of\nservice.\n\nWe now only allow the DRM master or users with the CAP_SYS_NICE\ncapability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM.\n\nAs the sole user of that uAPI lives in Mesa and hardcode a value of\nMEDIUM [1], this should be safe to do.\n\nAdditionally, as those checks are performed at the ioctl level,\npanthor_group_create now only check for priority level validity.\n\n[1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/panthor/panthor_drv.c", "drivers/gpu/drm/panthor/panthor_sched.c", "include/uapi/drm/panthor_drm.h"], "versions": [{"version": "de8548813824", "lessThan": "33eb0344e186", "status": "affected", "versionType": "git"}, {"version": "de8548813824", "lessThan": "5f7762042f8a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/panthor/panthor_drv.c", "drivers/gpu/drm/panthor/panthor_sched.c", "include/uapi/drm/panthor_drm.h"], "versions": [{"version": "6.10", "status": "affected"}, {"version": "0", "lessThan": "6.10", "status": "unaffected", "versionType": "semver"}, {"version": "6.10.10", "lessThanOrEqual": "6.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.11", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a"}, {"url": "https://git.kernel.org/stable/c/5f7762042f8a5377bd8a32844db353c0311a7369"}], "title": "drm/panthor: Restrict high priorities on group_create", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-29T14:03:11.555516Z", "id": "CVE-2024-46837", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T14:03:15.251Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-46837", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-29T14:03:11.555516Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-29T14:03:12.653Z"}}], "cna": {"title": "drm/panthor: Restrict high priorities on group_create", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "de8548813824", "lessThan": "33eb0344e186", "versionType": "git"}, {"status": "affected", "version": "de8548813824", "lessThan": "5f7762042f8a", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/panthor/panthor_drv.c", "drivers/gpu/drm/panthor/panthor_sched.c", "include/uapi/drm/panthor_drm.h"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.10"}, {"status": "unaffected", "version": "0", "lessThan": "6.10", "versionType": "semver"}, {"status": "unaffected", "version": "6.10.10", "versionType": "semver", "lessThanOrEqual": "6.10.*"}, {"status": "unaffected", "version": "6.11", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/panthor/panthor_drv.c", "drivers/gpu/drm/panthor/panthor_sched.c", "include/uapi/drm/panthor_drm.h"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a"}, {"url": "https://git.kernel.org/stable/c/5f7762042f8a5377bd8a32844db353c0311a7369"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Restrict high priorities on group_create\n\nWe were allowing any users to create a high priority group without any\npermission checks. As a result, this was allowing possible denial of\nservice.\n\nWe now only allow the DRM master or users with the CAP_SYS_NICE\ncapability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM.\n\nAs the sole user of that uAPI lives in Mesa and hardcode a value of\nMEDIUM [1], this should be safe to do.\n\nAdditionally, as those checks are performed at the ioctl level,\npanthor_group_create now only check for priority level validity.\n\n[1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:47:35.193Z"}}}, "cveMetadata": {"cveId": "CVE-2024-46837", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:47:35.193Z", "dateReserved": "2024-09-11T15:12:18.288Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-09-27T12:39:33.089Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D16659A9-BECD-4E13-8994-B096652762E2", "versionEndExcluding": "6.10.10", "versionStartIncluding": "6.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*", "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*", "matchCriteriaId": "B8383ABF-1457-401F-9B61-EE50F4C61F4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*", "matchCriteriaId": "B77A9280-37E6-49AD-B559-5B23A3B1DC3D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Restrict high priorities on group_create\n\nWe were allowing any users to create a high priority group without any\npermission checks. As a result, this was allowing possible denial of\nservice.\n\nWe now only allow the DRM master or users with the CAP_SYS_NICE\ncapability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM.\n\nAs the sole user of that uAPI lives in Mesa and hardcode a value of\nMEDIUM [1], this should be safe to do.\n\nAdditionally, as those checks are performed at the ioctl level,\npanthor_group_create now only check for priority level validity.\n\n[1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/panthor: Restringir altas prioridades en group_create Permit\u00edamos que cualquier usuario creara un grupo de alta prioridad sin ninguna verificaci\u00f3n de permisos. Como resultado, esto permit\u00eda una posible denegaci\u00f3n de servicio. Ahora solo permitimos que el maestro DRM o los usuarios con la capacidad CAP_SYS_NICE establezcan prioridades m\u00e1s altas que PANTHOR_GROUP_PRIORITY_MEDIUM. Como el \u00fanico usuario de esa uAPI vive en Mesa y codifica un valor de MEDIUM [1], esto deber\u00eda ser seguro de hacer. Adem\u00e1s, como esas verificaciones se realizan en el nivel ioctl, panthor_group_create ahora solo verifica la validez del nivel de prioridad. [1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038"}], "id": "CVE-2024-46837", "lastModified": "2024-10-09T15:37:51.653", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-09-27T13:15:15.850", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5f7762042f8a5377bd8a32844db353c0311a7369"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/panthor: Restrict high priorities on group_create", "id": "2315189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315189"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/panthor: Restrict high priorities on group_create\nWe were allowing any users to create a high priority group without any\npermission checks. As a result, this was allowing possible denial of\nservice.\nWe now only allow the DRM master or users with the CAP_SYS_NICE\ncapability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM.\nAs the sole user of that uAPI lives in Mesa and hardcode a value of\nMEDIUM [1], this should be safe to do.\nAdditionally, as those checks are performed at the ioctl level,\npanthor_group_create now only check for priority level validity.\n[1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038"], "name": "CVE-2024-46837", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-09-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-46837\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-46837\nhttps://lore.kernel.org/linux-cve-announce/2024092753-CVE-2024-46837-c69f@gregkh/T"], "threat_severity": "Moderate"}