CVE-2024-26941

In the Linux kernel, the following vulnerability has been resolved:

drm/dp: Fix divide-by-zero regression on DP MST unplug with nouveau

Fix a regression when using nouveau and unplugging a StarTech MSTDP122DP DisplayPort 1.2 MST hub (the same regression does not appear when using a Cable Matters DisplayPort 1.4 MST hub). Trace:

divide error: 0000 [#1] PREEMPT SMP PTI CPU: 7 PID: 2962 Comm: Xorg Not tainted 6.8.0-rc3+ #744 Hardware name: Razer Blade/DANAMB, BIOS 01.01 08/31/2018 RIP: 0010:drmdpbwoverhead+0xb4/0x110 [drmdisplayhelper] Code: c6 b8 01 00 00 00 75 61 01 c6 41 0f af f3 41 0f af f1 c1 e1 04 48 63 c7 31 d2 89 ff 48 8b 5d f8 c9 48 0f af f1 48 8d 44 06 ff <48> f7 f7 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31 RSP: 0018:ffffb2c5c211fa30 EFLAGS: 00010206 RAX: ffffffffffffffff RBX: 0000000000000000 RCX: 0000000000f59b00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffb2c5c211fa48 R08: 0000000000000001 R09: 0000000000000020 R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000023b4a R13: ffff91d37d165800 R14: ffff91d36fac6d80 R15: ffff91d34a764010 FS: 00007f4a1ca3fa80(0000) GS:ffff91d6edbc0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000559491d49000 CR3: 000000011d180002 CR4: 00000000003706f0 Call Trace: <TASK> ? showregs+0x6d/0x80 ? die+0x37/0xa0 ? dotrap+0xd4/0xf0 ? doerrortrap+0x71/0xb0 ? drmdpbwoverhead+0xb4/0x110 [drmdisplayhelper] ? excdivideerror+0x3a/0x70 ? drmdpbwoverhead+0xb4/0x110 [drmdisplayhelper] ? asmexcdivideerror+0x1b/0x20 ? drmdpbwoverhead+0xb4/0x110 [drmdisplayhelper] ? drmdpcalcpbnmode+0x2e/0x70 [drmdisplayhelper] nv50mstoatomiccheck+0xda/0x120 [nouveau] drmatomichelpercheckmodeset+0xa87/0xdf0 [drmkmshelper] drmatomichelpercheck+0x19/0xa0 [drmkmshelper] nv50dispatomiccheck+0x13f/0x2f0 [nouveau] drmatomiccheckonly+0x668/0xb20 [drm] ? drmconnectorlistiternext+0x86/0xc0 [drm] drmatomiccommit+0x58/0xd0 [drm] ? pfxdrmprintfninfo+0x10/0x10 [drm] drmatomicconnectorcommitdpms+0xd7/0x100 [drm] drmmodeobjsetpropertyioctl+0x1c5/0x450 [drm] ? _pfxdrmconnectorpropertysetioctl+0x10/0x10 [drm] drmconnectorpropertysetioctl+0x3b/0x60 [drm] drmioctlkernel+0xb9/0x120 [drm] drmioctl+0x2d0/0x550 [drm] ? _pfxdrmconnectorpropertysetioctl+0x10/0x10 [drm] nouveaudrmioctl+0x61/0xc0 [nouveau] _x64sysioctl+0xa0/0xf0 dosyscall64+0x76/0x140 ? dosyscall64+0x85/0x140 ? dosyscall64+0x85/0x140 entrySYSCALL64afterhwframe+0x6e/0x76 RIP: 0033:0x7f4a1cd1a94f Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00 RSP: 002b:00007ffd2f1df520 EFLAGS: 00000246 ORIGRAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffd2f1df5b0 RCX: 00007f4a1cd1a94f RDX: 00007ffd2f1df5b0 RSI: 00000000c01064ab RDI: 000000000000000f RBP: 00000000c01064ab R08: 000056347932deb8 R09: 000056347a7d99c0 R10: 0000000000000000 R11: 0000000000000246 R12: 000056347938a220 R13: 000000000000000f R14: 0000563479d9f3f0 R15: 0000000000000000 </TASK> Modules linked in: rfcomm xtconntrack nftchainnat xtMASQUERADE nfnat nfconntracknetlink nfconntrack nfdefragipv6 nfdefragipv4 xfrmuser xfrmalgo xtaddrtype nftcompat nftables nfnetlink brnetfilter bridge stp llc ccm cmac algifhash overlay algifskcipher afalg bnep binfmtmisc sndsofpciintelcnl sndsofintelhdacommon sndsochdachda sndsofpci sndsofxtensadsp sndsofintelhda sndsof sndsofutils sndsocacpiintelmatch sndsocacpi sndsoccore sndcompress sndsofintelhdamlink sndhdaextcore iwlmvm intelraplmsr intelraplcommon inteltcccooling x86pkgtempthermal intelpowerclamp mac80211 coretemp kvmintel sndhdacodechdmi kvm sndhda_ ---truncated---