In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU has an unused 4K area of the register BAR space into which you can remap registers. We remap the HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when it updates VRAM. However, on systems with >4K pages, we end up exposing PAGE_SIZE of MMIO space.
History

Thu, 26 Sep 2024 19:00:00 +0000

Type Values Removed Values Added
Metrics threat_severity

Moderate

threat_severity

Low


Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Sep 2024 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses CWE-682
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
Metrics cvssV3_1

{'score': 6.0, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H'}

cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Wed, 04 Sep 2024 12:15:00 +0000


Thu, 22 Aug 2024 10:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 6.0, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-18T07:04:04.823Z

Updated: 2024-12-19T09:10:01.256Z

Reserved: 2024-07-12T12:17:45.610Z

Link: CVE-2024-41011

cve-icon Vulnrichment

Updated: 2024-09-11T12:42:20.702Z

cve-icon NVD

Status : Modified

Published: 2024-07-18T07:15:02.070

Modified: 2024-11-21T09:32:03.737

Link: CVE-2024-41011

cve-icon Redhat

Severity : Low

Publid Date: 2024-07-18T00:00:00Z

Links: CVE-2024-41011 - Bugzilla