Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-36885

Опубликовано: 30 мая 2024
Источник: redhat
CVSS3: 4.4

Описание

[REJECTED CVE] A vulnerability has been identified in the Linux kernel's drm/nouveau/firmware module, where enabling SG_DEBUG causes a kernel BUG() in nvkm_firmware_ctor(). This occurs because DMA-allocated memory cannot be converted into memory pages, leading to an invalid scatterlist mapping. An attacker with control over kernel parameters or device initialization could potentially trigger this bug, causing a system crash or denial of service.

Отчет

This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2024121903-REJECTED-086f@gregkh/

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:931512.11.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:931512.11.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-489
https://bugzilla.redhat.com/show_bug.cgi?id=2284265kernel: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-36885

ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 7 PID: 930 Comm: (udev-worker) Not tainted 6.9.0-rc3Lyude-Test+ #30 Hardware name: MSI MS-7A39/A320M GAMING PRO (MS-7A39), BIOS 1.I0 01/22/2019 RIP: 0010:sg_init_one+0x85/0xa0 Code: 69 88 32 01 83 e1 03 f6 c3 03 75 20 a8 01 75 1e 48 09 cb 41 89 54 24 08 49 89 1c 24 41 89 6c 24 0c 5b 5d 41 5c e9 7b b9 88 00 <0f> 0b 0f 0b 0f 0b 48 8b 05 5e 46 9a 01 eb b2 66 66 2e 0f 1f 84 00 RSP: 0018:ffffa776017bf6a0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffffa77600d87000 RCX: 000000000000002b RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffa77680d87000 RBP: 000000000000e000 R08: 0000000000000000 R09: 0000000000000000 R10: ffff98f4c46aa508 R11: 0000000000000000 R12: ffff98f4c4...

nvd логотип

CVE-2024-36885

nvd
около 1 года назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

suse-cvrf логотип

SUSE-SU-2024:2203-1

suse-cvrf
12 месяцев назад

Security update for the Linux Kernel

suse-cvrf логотип

SUSE-SU-2024:2135-1

suse-cvrf
12 месяцев назад

Security update for the Linux Kernel

oracle-oval логотип

ELSA-2024-9315

oracle-oval
7 месяцев назад

ELSA-2024-9315: kernel security update (MODERATE)

4.4 Medium

CVSS3