CVE-2024-50144
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-50144
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50144.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50144
- Downstream
- Related
- Published
- 2024-11-07T09:31:21Z
- Modified
- 2025-10-15T01:54:09.446604Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- drm/xe: fix unbalanced rpm put() with fence_fini()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: fix unbalanced rpm put() with fence_fini()
Currently we can call fence_fini() twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fence and return an error, leading to the caller also calling fini() on the error path in the case of stack version of the flow, which leads to an extra rpm put() which might later cause device to enter suspend when it shouldn't. It looks like we can just drop the fini() call since the fence signaller side will already call this for us.
There are known mysterious splats with device going to sleep even with an rpm ref, and this could be one candidate.
v2 (Matt B): - Prefer warning if we detect double fini()
(cherry picked from commit cfcbc0520d5055825f0647ab922b655688605183)
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf002702290fccbd473f5bb94e52f25c96917fff2Fixed046bd018c0123b1a49c22abed5f9ea31d1454c78
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf002702290fccbd473f5bb94e52f25c96917fff2Fixed03a86c24aea0920a1ca20a0d7771d5e176db538d
Affected versions
v6.*
v6.11
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.12-rc1
v6.12-rc2
v6.12-rc3
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2024-50144-2f2da14d",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"function": "xe_vm_invalidate_vma",
"file": "drivers/gpu/drm/xe/xe_vm.c"
},
"digest": {
"function_hash": "333285273023990322723332148579070440828",
"length": 1362.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-38ea59be",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"function": "send_tlb_invalidation",
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"function_hash": "286635780591422648780489451157990929809",
"length": 1192.0
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-50144-436cf2c9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"file": "drivers/gpu/drm/xe/xe_vm.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"152229367523996541757147166217592278991",
"185370206124335892396198487155208589482",
"263105445375871728922224399569922294833",
"134689287553022025882279102646768141396",
"20608855347480309366997156129328429191",
"265260775204862931909947024581625844206",
"275174496872286923195649716847812739575",
"177751637506235238969834021574593443269",
"217877896193134824413991967751645226569",
"263105445375871728922224399569922294833",
"134689287553022025882279102646768141396",
"20608855347480309366997156129328429191",
"202749512231584966313326297301385304800",
"291639553862811639037169462791594384802"
]
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-50144-70e5a19f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"file": "drivers/gpu/drm/xe/xe_vm.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"152229367523996541757147166217592278991",
"185370206124335892396198487155208589482",
"263105445375871728922224399569922294833",
"134689287553022025882279102646768141396",
"20608855347480309366997156129328429191",
"265260775204862931909947024581625844206",
"275174496872286923195649716847812739575",
"177751637506235238969834021574593443269",
"217877896193134824413991967751645226569",
"263105445375871728922224399569922294833",
"134689287553022025882279102646768141396",
"20608855347480309366997156129328429191",
"202749512231584966313326297301385304800",
"291639553862811639037169462791594384802"
]
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-734d555c",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"function": "xe_gt_tlb_invalidation_ggtt",
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"function_hash": "135398036348189831632114404423699163753",
"length": 851.0
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-50144-7afec860",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"31874451375396249589009951983161760192",
"57131788551715364050740260928062747476",
"292301536030671513853278381969978573944",
"230427464814362320968984726494526110590"
]
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-828d3d73",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"function": "xe_gt_tlb_invalidation_ggtt",
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"function_hash": "135398036348189831632114404423699163753",
"length": 851.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-9ab6a792",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"function": "send_tlb_invalidation",
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"function_hash": "268428382531964160489787086734220176380",
"length": 1242.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-a7cc23f9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"function": "xe_gt_tlb_invalidation_fence_fini",
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"function_hash": "39053316267219877704775730697583876821",
"length": 76.0
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-50144-b66c5bbf",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"120376854889883753152138307766013138370",
"176674671742403324332094025982467324398",
"21760646522806268184715591065503642824",
"176536052851479583825392074351911097685",
"43678536386336341812237499126813766008",
"300539241394886775462279777412664393048",
"177902776357731072538267455991712773063",
"274689368590366084146965448909287978987",
"77836185992120994284590967852475148292",
"60139653973021148183510884380494469554",
"174049443526389150604576922772185434904",
"326303487236128167240550653547676678567",
"310907072456098731475793309303199433472",
"191805392960915697173736007570374706886",
"231757741666670284016979282689537976858",
"187503198057642438183247567242532561397",
"140243598557161843085445374796768189144",
"120625837382250188465132204824501041737",
"115434110628181858732842971725778673746",
"299051119430572704728673306849196447218",
"285806260853556719663480775942176045841"
]
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-50144-c9128f18",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.h"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"31874451375396249589009951983161760192",
"57131788551715364050740260928062747476",
"292301536030671513853278381969978573944",
"230427464814362320968984726494526110590"
]
},
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-50144-e807a849",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"120376854889883753152138307766013138370",
"176674671742403324332094025982467324398",
"21760646522806268184715591065503642824",
"176536052851479583825392074351911097685",
"43678536386336341812237499126813766008",
"300539241394886775462279777412664393048",
"177902776357731072538267455991712773063",
"274689368590366084146965448909287978987",
"77836185992120994284590967852475148292",
"60139653973021148183510884380494469554",
"174049443526389150604576922772185434904",
"326303487236128167240550653547676678567",
"310907072456098731475793309303199433472",
"191805392960915697173736007570374706886",
"231757741666670284016979282689537976858",
"187503198057642438183247567242532561397",
"140243598557161843085445374796768189144",
"120625837382250188465132204824501041737",
"115434110628181858732842971725778673746",
"299051119430572704728673306849196447218",
"285806260853556719663480775942176045841"
]
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-f4c293f7",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@046bd018c0123b1a49c22abed5f9ea31d1454c78",
"signature_version": "v1",
"target": {
"function": "xe_vm_invalidate_vma",
"file": "drivers/gpu/drm/xe/xe_vm.c"
},
"digest": {
"function_hash": "333285273023990322723332148579070440828",
"length": 1362.0
},
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-50144-fb7ab0ac",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@03a86c24aea0920a1ca20a0d7771d5e176db538d",
"signature_version": "v1",
"target": {
"function": "xe_gt_tlb_invalidation_fence_fini",
"file": "drivers/gpu/drm/xe/xe_gt_tlb_invalidation.c"
},
"digest": {
"function_hash": "39053316267219877704775730697583876821",
"length": 76.0
},
"deprecated": false
}
]