Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2024-49989

Description

In the Linux kernel, the following vulnerability has been resolved:drm/amd/display: fix double free issue during amdgpu module unloadFlexible endpoints use DIGs from available inflexible endpoints,so only the encoders of inflexible links need to be freed.Otherwise, a double free issue may occur when unloading theamdgpu module.[ 279.190523] RIP: 0010:__slab_free+0x152/0x2f0[ 279.190577] Call Trace:[ 279.190580] [ 279.190582] ? show_regs+0x69/0x80[ 279.190590] ? die+0x3b/0x90[ 279.190595] ? do_trap+0xc8/0xe0[ 279.190601] ? do_error_trap+0x73/0xa0[ 279.190605] ? __slab_free+0x152/0x2f0[ 279.190609] ? exc_invalid_op+0x56/0x70[ 279.190616] ? __slab_free+0x152/0x2f0[ 279.190642] ? asm_exc_invalid_op+0x1f/0x30[ 279.190648] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu][ 279.191096] ? __slab_free+0x152/0x2f0[ 279.191102] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu][ 279.191469] kfree+0x260/0x2b0[ 279.191474] dcn10_link_encoder_destroy+0x19/0x30 [amdgpu][ 279.191821] link_destroy+0xd7/0x130 [amdgpu][ 279.192248] dc_destruct+0x90/0x270 [amdgpu][ 279.192666] dc_destroy+0x19/0x40 [amdgpu][ 279.193020] amdgpu_dm_fini+0x16e/0x200 [amdgpu][ 279.193432] dm_hw_fini+0x26/0x40 [amdgpu][ 279.193795] amdgpu_device_fini_hw+0x24c/0x400 [amdgpu][ 279.194108] amdgpu_driver_unload_kms+0x4f/0x70 [amdgpu][ 279.194436] amdgpu_pci_remove+0x40/0x80 [amdgpu][ 279.194632] pci_device_remove+0x3a/0xa0[ 279.194638] device_remove+0x40/0x70[ 279.194642] device_release_driver_internal+0x1ad/0x210[ 279.194647] driver_detach+0x4e/0xa0[ 279.194650] bus_remove_driver+0x6f/0xf0[ 279.194653] driver_unregister+0x33/0x60[ 279.194657] pci_unregister_driver+0x44/0x90[ 279.194662] amdgpu_exit+0x19/0x1f0 [amdgpu][ 279.194939] __do_sys_delete_module.isra.0+0x198/0x2f0[ 279.194946] __x64_sys_delete_module+0x16/0x20[ 279.194950] do_syscall_64+0x58/0x120[ 279.194954] entry_SYSCALL_64_after_hwframe+0x6e/0x76[ 279.194980]

POC

Reference

No PoCs from references.

Github

- https://github.com/bygregonline/devsec-fastapi-report

- https://github.com/fkie-cad/nvd-json-data-feeds

- https://github.com/runwhen-contrib/helm-charts

- https://github.com/w4zu/Debian_security