Bug 2312109 (CVE-2024-46712)

Summary: CVE-2024-46712 kernel: drm/vmwgfx: Disable coherent dumb buffers without 3d
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: dfreiber, drow, jburrell, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2312173    
Bug Blocks:    

Description OSIDB Bzimport 2024-09-13 07:21:12 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/vmwgfx: Disable coherent dumb buffers without 3d

Coherent surfaces make only sense if the host renders to them using
accelerated apis. Without 3d the entire content of dumb buffers stays
in the guest making all of the extra work they're doing to synchronize
between guest and host useless.

Configurations without 3d also tend to run with very low graphics
memory limits. The pinned console fb, mob cursors and graphical login
manager tend to run out of 16MB graphics memory that those guests use.

Fix it by making sure the coherent dumb buffers are only used on
configs with 3d enabled.
Comment 1 Michal Findra 2024-09-13 11:14:38 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024091309-CVE-2024-46712-5ca7@gregkh/T