In the Linux kernel, the following vulnerability has been resolved: drm/xe/preempt_fence: enlarge the fence critical section It is really easy to introduce subtle deadlocks in preempt_fence_work_func() since we operate on single global ordered-wq for signalling our preempt fences behind the scenes, so even though we signal a particular fence, everything in the callback should be in the fence critical section, since blocking in the callback will prevent other published fences from signalling. If we enlarge the fence critical section to cover the entire callback, then lockdep should be able to understand this better, and complain if we grab a sensitive lock like vm->lock, which is also held when waiting on preempt fences.
History

Fri, 25 Oct 2024 06:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-764
Metrics threat_severity

Moderate

threat_severity

Low


Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Sep 2024 17:00:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses CWE-667
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

Wed, 04 Sep 2024 23:30:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Wed, 04 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/xe/preempt_fence: enlarge the fence critical section It is really easy to introduce subtle deadlocks in preempt_fence_work_func() since we operate on single global ordered-wq for signalling our preempt fences behind the scenes, so even though we signal a particular fence, everything in the callback should be in the fence critical section, since blocking in the callback will prevent other published fences from signalling. If we enlarge the fence critical section to cover the entire callback, then lockdep should be able to understand this better, and complain if we grab a sensitive lock like vm->lock, which is also held when waiting on preempt fences.
Title drm/xe/preempt_fence: enlarge the fence critical section
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-09-04T18:35:55.140Z

Updated: 2024-12-19T09:19:04.986Z

Reserved: 2024-08-21T05:34:56.666Z

Link: CVE-2024-44956

cve-icon Vulnrichment

Updated: 2024-09-11T12:42:27.629Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-04T19:15:30.480

Modified: 2024-09-06T16:37:11.777

Link: CVE-2024-44956

cve-icon Redhat

Severity : Low

Publid Date: 2024-09-04T00:00:00Z

Links: CVE-2024-44956 - Bugzilla