2320537 – (CVE-2024-49901) CVE-2024-49901 kernel: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs

Bug 2320537 (CVE-2024-49901) - CVE-2024-49901 kernel: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs

Summary: CVE-2024-49901 kernel: drm/msm/adreno: Assign msm_gpu->pdev earlier to avo...

Keywords:
Status:	NEW
Alias:	CVE-2024-49901
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2321059
Blocks:
TreeView+	depends on / blocked

Reported:	2024-10-21 19:09 UTC by OSIDB Bzimport
Modified:	2024-10-22 19:23 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2024-10-21 19:09:10 UTC

In the Linux kernel, the following vulnerability has been resolved:

drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs

There are some cases, such as the one uncovered by Commit 46d4efcccc68
("drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails")
where

msm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL);

is called on gpu->pdev == NULL, as the GPU device has not been fully
initialized yet.

Turns out that there's more than just the aforementioned path that
causes this to happen (e.g. the case when there's speedbin data in the
catalog, but opp-supported-hw is missing in DT).

Assigning msm_gpu->pdev earlier seems like the least painful solution
to this, therefore do so.

Patchwork: https://patchwork.freedesktop.org/patch/602742/

Comment 1 Robb Gatica 2024-10-22 16:47:04 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024102120-CVE-2024-49901-4522@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.