CVE-2024-53116

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-53116
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53116.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53116
Downstream
Related
Published
2024-12-02T13:44:47Z
Modified
2025-10-15T18:30:09.133553Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
drm/panthor: Fix handling of partial GPU mapping of BOs
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: Fix handling of partial GPU mapping of BOs

This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings.

Panthor didn't correctly handle the case where the partial mapping spanned multiple scatterlists and the mapping offset didn't point to the 1st page of starting scatterlist. The offset variable was not cleared after reaching the starting scatterlist.

Following warning messages were seen. WARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 _armlpaeunmap+0x254/0x5a0 <snip> pc : _armlpaeunmap+0x254/0x5a0 lr : _armlpaeunmap+0x2cc/0x5a0 <snip> Call trace: _armlpaeunmap+0x254/0x5a0 _armlpaeunmap+0x108/0x5a0 _armlpaeunmap+0x108/0x5a0 _armlpaeunmap+0x108/0x5a0 armlpaeunmappages+0x80/0xa0 panthorvmunmappages+0xac/0x1c8 [panthor] panthorgpuvasmstepunmap+0x4c/0xc8 [panthor] opunmapcb.isra.23.constprop.30+0x54/0x80 _drmgpuvmsmunmap+0x184/0x1c8 drmgpuvmsmunmap+0x40/0x60 panthorvmexecop+0xa8/0x120 [panthor] panthorvmbindexecsyncop+0xc4/0xe8 [panthor] panthorioctlvmbind+0x10c/0x170 [panthor] drmioctlkernel+0xbc/0x138 drmioctl+0x210/0x4b0 _arm64sysioctl+0xb0/0xf8 invokesyscall+0x4c/0x110 el0svccommon.constprop.1+0x98/0xf8 doel0svc+0x24/0x38 el0svc+0x34/0xc8 el0t64synchandler+0xa0/0xc8 el0t64sync+0x174/0x178 <snip> panthor : [drm] drmWARNON(unmappedsz != pgsize * pgcount) WARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthormmu.c:922 panthorvmunmappages+0x124/0x1c8 [panthor] <snip> pc : panthorvmunmappages+0x124/0x1c8 [panthor] lr : panthorvmunmap_pages+0x124/0x1c8 [panthor] <snip> panthor : [drm] ERROR failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000)

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
647810ec247641eb5aec8caef818919a4518a0b1
Fixed
d3e61af64b770e0038470c81f42bd1d0598f6bcc
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
647810ec247641eb5aec8caef818919a4518a0b1
Fixed
3387e043918e154ca08d83954966a8b087fe2835

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.11.6
v6.11.7
v6.11.8
v6.11.9
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.8
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.10.0
Fixed
6.11.10