CVE-2024-44980

{"id": "CVE-2024-44980", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-09-04T20:15:07.460", "references": [{"url": "https://git.kernel.org/stable/c/f4b2a0ae1a31fd3d1b5ca18ee08319b479cf9b5f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f7ecdd9853dd9f34e7cdfdadfb70b8f40644ebb4", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Fix opregion leak\n\nBeing part o the display, ideally the setup and cleanup would be done by\ndisplay itself. However this is a bigger refactor that needs to be done\non both i915 and xe. For now, just fix the leak:\n\nunreferenced object 0xffff8881a0300008 (size 192):\n comm \"modprobe\", pid 4354, jiffies 4295647021\n hex dump (first 32 bytes):\n 00 00 87 27 81 88 ff ff 18 80 9b 00 00 c9 ff ff ...'............\n 18 81 9b 00 00 c9 ff ff 00 00 00 00 00 00 00 00 ................\n backtrace (crc 99260e31):\n [<ffffffff823ce65b>] kmemleak_alloc+0x4b/0x80\n [<ffffffff81493be2>] kmalloc_trace_noprof+0x312/0x3d0\n [<ffffffffa1345679>] intel_opregion_setup+0x89/0x700 [xe]\n [<ffffffffa125bfaf>] xe_display_init_noirq+0x2f/0x90 [xe]\n [<ffffffffa1199ec3>] xe_device_probe+0x7a3/0xbf0 [xe]\n [<ffffffffa11f3713>] xe_pci_probe+0x333/0x5b0 [xe]\n [<ffffffff81af6be8>] local_pci_probe+0x48/0xb0\n [<ffffffff81af8778>] pci_device_probe+0xc8/0x280\n [<ffffffff81d09048>] really_probe+0xf8/0x390\n [<ffffffff81d0937a>] __driver_probe_device+0x8a/0x170\n [<ffffffff81d09503>] driver_probe_device+0x23/0xb0\n [<ffffffff81d097b7>] __driver_attach+0xc7/0x190\n [<ffffffff81d0628d>] bus_for_each_dev+0x7d/0xd0\n [<ffffffff81d0851e>] driver_attach+0x1e/0x30\n [<ffffffff81d07ac7>] bus_add_driver+0x117/0x250\n\n(cherry picked from commit 6f4e43a2f771b737d991142ec4f6d4b7ff31fbb4)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/xe: Fix opregion leak Como parte de la pantalla, lo ideal ser\u00eda que la configuraci\u00f3n y la limpieza las hiciera la propia pantalla. Sin embargo, se trata de una refactorizaci\u00f3n m\u00e1s grande que debe realizarse tanto en i915 como en xe. Por ahora, solo arregle la fuga: objeto sin referencia 0xffff8881a0300008 (tama\u00f1o 192): comm \"modprobe\", pid 4354, jiffies 4295647021 volcado hexadecimal (primeros 32 bytes): 00 00 87 27 81 88 ff ff 18 80 9b 00 00 c9 ff ff ...'............ 18 81 9b 00 00 c9 ff ff 00 00 00 00 00 00 00 00 ................ backtrace (crc 99260e31): [] kmemleak_alloc+0x4b/0x80 [] kmalloc_trace_noprof+0x312/0x3d0 [] intel_opregion_setup+0x89/0x700 [xe] [] xe_display_init_noirq+0x2f/0x90 [xe] [] xe_device_probe+0x7a3/0xbf0 [xe] [] xe_pci_probe+0x333/0x5b0 [xe] [] local_pci_probe+0x48/0xb0 [] pci_device_probe+0xc8/0x280 [] really_probe+0xf8/0x390 [] __driver_probe_device+0x8a/0x170 [] driver_probe_device+0x23/0xb0 [] __driver_attach+0xc7/0x190 [] bus_for_each_dev+0x7d/0xd0 [] driver_attach+0x1e/0x30 [] bus_add_driver+0x117/0x250 (seleccionado de el commit) 6f4e43a2f771b737d991142ec4f6d4b7ff31fbb4)"}], "lastModified": "2024-10-10T17:42:53.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E89DCAFA-7226-4A61-B500-1229E533B4BD", "versionEndExcluding": "6.10.7", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B3CE743-2126-47A3-8B7C-822B502CF119"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DEB27E7-30AA-45CC-8934-B89263EF3551"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0005AEF-856E-47EB-BFE4-90C46899394D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39889A68-6D34-47A6-82FC-CD0BF23D6754"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}