Linux Kernel Vulnerability in AMDGPU Graphics Driver
CVE-2024-46896

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 11 January 2025

Summary

A vulnerability in the AMDGPU graphics driver within the Linux kernel could lead to unexpected behavior due to improper handling of scheduling jobs. Specifically, during job initialization, an incorrect memory access can occur, resulting in system crashes when attempting to free invalid job references after a command submission fails. This issue arises when there's an increment in the job's instruction buffer count without proper validation, compromising system stability and reliability. A recent fix addresses this by ensuring a NULL pointer is passed during the cleanup process, preventing access to invalid memory and enhancing driver performance.

Affected Version(s)

Linux 166df51487f46b6e997dfeea7ca0c2a970853f07 < 65501a4fd84ecdc0af863dbb37759242aab9f2dd

Linux 87210234e5a273ebf9c4110a6aa82b8221478daa

Linux 2da108b4b5fb7ec04d7e951418ed80e97f7c35ad < 67291d601f2b032062b1b2f60ffef1b63e10094c

References

https://git.kernel.org/stable/c/65501a4fd84ecdc0af863dbb3...

https://git.kernel.org/stable/c/da6b2c626ae73c303378ce9ea...

https://git.kernel.org/stable/c/67291d601f2b032062b1b2f60...

Timeline

Vulnerability published
Jan 11, 2025
Vulnerability Reserved
Jan 11, 2025