Re: CVE-2024-46805: drm/amdgpu: fix the waring dereferencing hive

From: Michal Koutný
Date: Mon Sep 30 2024 - 14:20:51 EST


Hello.

On Fri, Sep 27, 2024 at 02:36:10PM GMT, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> In the Linux kernel, the following vulnerability has been resolved:
>
> drm/amdgpu: fix the waring dereferencing hive
>
> Check the amdgpu_hive_info *hive that maybe is NULL.

This "fix" introduces (or transforms) a CVE for panic_on_warn=1 users
(if the NULL is reachable by unprivileged users).

The NULL ptr dereference thus needs a better fix (I checked in
v6.12-rc1).

Michal

Attachment: signature.asc
Description: PGP signature