CVE-2024-46867 - Linux Kernel Deadlock Resolved in drm/xe/client show_meminfo()
A recent vulnerability has been discovered and resolved in the Linux kernel, specifically in the drm/xe/client show_meminfo() function. CVE-2024-46867 is the assigned ID for this vulnerability.
The function contains a real deadlock as well as a sleeping-in-atomic() bug. If the bo put happens to drop the last reference, bo destruction tries to acquire the same spinlock, as well as sleeping locks, while the spinlock is still held. The fix drops the reference with xe_bo_put_deferred() and moves the final commit outside of the lock. Dropping the lock around the put instead would be tricky, since the bo might go out of scope and remove itself from the list, making it difficult to navigate to the next list entry.
This fix has been cherry-picked from the commit 0083b8e6f11d7662283a267d4ce7c966812ffd8a.
Let's take a closer look at the code snippet that demonstrates the changes made to resolve the deadlock issue.
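    LLIST_HEAD(deferred);
    ...
    spin_lock_irqsave(&client->bo_lock, flags);
    list_for_each_entry_safe_reverse(bo, tmp, &client->bo_list,
                                     client_list) {
        ...
        /*
         * This is the modified part: drop the bo reference without
         * destroying the bo under the lock. A final put only queues
         * the bo on the deferred list.
         */
        xe_bo_put_deferred(bo, &deferred);
    }
    spin_unlock_irqrestore(&client->bo_lock, flags);

    /* Final commit outside the lock, where bo destruction may sleep. */
    xe_bo_put_commit(&deferred);
    ...
In the code above, the spinlock stays held for the whole list walk. xe_bo_put_deferred() drops the reference, and if it was the last one, the bo is only queued on the deferred list instead of being destroyed on the spot. The final commit, xe_bo_put_commit(), runs after the lock has been released, so bo destruction can take the spinlock and the sleeping locks safely. This prevents the deadlock from occurring when the last reference is dropped.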
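The locking hazard described above can be reproduced in a small userspace model. This is an added example, not code from the xe driver: every name in it is hypothetical, and the lock is a flag that counts re-acquisition attempts instead of hanging.

```c
/* Added example: userspace model, not xe driver code. All names are hypothetical. */
#include <stdio.h>
struct obj { int refs; struct obj *next, *defer_next; };
struct client { int locked, deadlocks; struct obj *list; };
/* Non-recursive lock model: taking it while already held is the deadlock. */
static int lock(struct client *c) {
	if (c->locked) { c->deadlocks++; return -1; }
	c->locked = 1;
	return 0;
}
static void unlock(struct client *c) { c->locked = 0; }
/* Destruction unlinks the object from the client list, so it needs the lock. */
static void destroy(struct client *c, struct obj *o) {
	if (lock(c)) return; /* a real spinlock would spin here forever */
	for (struct obj **p = &c->list; *p; p = &(*p)->next)
		if (*p == o) { *p = o->next; break; }
	unlock(c);
}
/* Immediate put: the last reference destroys the object right away. */
static void put(struct client *c, struct obj *o) { if (--o->refs == 0) destroy(c, o); }
/* Deferred put: the last reference only queues the object. */
static void put_deferred(struct obj *o, struct obj **q) {
	if (--o->refs == 0) { o->defer_next = *q; *q = o; }
}
static void put_commit(struct client *c, struct obj *q) {
	for (struct obj *n; q; q = n) { n = q->defer_next; destroy(c, q); }
}
/* Walk two objects under the lock while holding their last references.
 * Returns the number of self-deadlocks; *left = objects still on the list. */
static int walk(int deferred, int *left) {
	struct obj b = { 1, NULL, NULL }, a = { 1, &b, NULL }, *q = NULL;
	struct client c = { 0, 0, &a };
	lock(&c);
	for (struct obj *o = c.list, *n; o; o = n) {
		n = o->next;
		if (deferred) put_deferred(o, &q); else put(&c, o);
	}
	unlock(&c);
	put_commit(&c, q); /* final commit outside the lock */
	for (*left = 0, q = c.list; q; q = q->next) (*left)++;
	return c.deadlocks;
}
int main(void) {
	int left, d = walk(0, &left);
	printf("immediate put: deadlocks=%d left=%d\n", d, left);
	d = walk(1, &left);
	printf("deferred put:  deadlocks=%d left=%d\n", d, left);
	return 0;
}
```

With the immediate put, both destructions try to retake the held lock and neither object is unlinked; with the deferred put, both are destroyed cleanly after the unlock.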
For more information about the original commit and the issue, you can refer to the following links:
- Linux Kernel commit 0083b8e6f11d7662283a267d4ce7c966812ffd8a
- Official Linux Kernel repository
It's essential to keep your Linux kernel updated to stay protected from known vulnerabilities like this one. It is recommended to update your kernel to the latest stable version that includes the fix for CVE-2024-46867 and other known vulnerabilities.
Timeline
Published on: 09/27/2024 13:15:17 UTC
Last modified on: 10/01/2024 17:09:58 UTC