In the Linux kernel, the following vulnerability has been resolved:
drm/nouveau: fix stale locked mutex in nouveaugemioctl_pushbuf
If VMBIND is enabled on the client the legacy submission ioctl can't be used, however if a client tries to do so regardless it will return an error. In this case the clients mutex remained unlocked leading to a deadlock inside nouveaudrm_postclose or any other nouveau ioctl call.
{ "vanir_signatures": [ { "digest": { "length": 5719.0, "function_hash": "313005850308161169136201224640042943656" }, "target": { "function": "nouveau_gem_ioctl_pushbuf", "file": "drivers/gpu/drm/nouveau/nouveau_gem.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@daf8739c3322a762ce84f240f50e0c39181a41ab", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35786-0b4ee775" }, { "digest": { "length": 5719.0, "function_hash": "313005850308161169136201224640042943656" }, "target": { "function": "nouveau_gem_ioctl_pushbuf", "file": "drivers/gpu/drm/nouveau/nouveau_gem.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c288a61a48ddb77ec097e11ab81b81027cd4e197", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35786-10635bc7" }, { "digest": { "line_hashes": [ "224066720282776540468674335311623506188", "282705776888606735715700051243568225256", "279113573041322919864358930615650531531", "169745151104416620699102287527914981539" ], "threshold": 0.9 }, "target": { "file": "drivers/gpu/drm/nouveau/nouveau_gem.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b466416bdd6ecbde15ce987226ea633a0268fbb1", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35786-493c2a9e" }, { "digest": { "line_hashes": [ "224066720282776540468674335311623506188", "282705776888606735715700051243568225256", "279113573041322919864358930615650531531", "169745151104416620699102287527914981539" ], "threshold": 0.9 }, "target": { "file": "drivers/gpu/drm/nouveau/nouveau_gem.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c288a61a48ddb77ec097e11ab81b81027cd4e197", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35786-53b0fa65" }, { "digest": { "line_hashes": [ "224066720282776540468674335311623506188", "282705776888606735715700051243568225256", "279113573041322919864358930615650531531", "169745151104416620699102287527914981539" ], "threshold": 0.9 }, "target": { "file": "drivers/gpu/drm/nouveau/nouveau_gem.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@daf8739c3322a762ce84f240f50e0c39181a41ab", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35786-8b8aa9f8" }, { "digest": { "length": 5719.0, "function_hash": "313005850308161169136201224640042943656" }, "target": { "function": "nouveau_gem_ioctl_pushbuf", "file": "drivers/gpu/drm/nouveau/nouveau_gem.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b466416bdd6ecbde15ce987226ea633a0268fbb1", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35786-dbf3f370" } ] }