CVE-2024-36969

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-36969
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36969.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-36969
Downstream
Related
Published
2024-06-08T13:15:58Z
Modified
2025-08-09T20:01:27Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix division by zero in setupdscconfig

When sliceheight is 0, the division by sliceheight in the calculation of the number of slices will cause a division by zero driver crash. This leaves the kernel in a state that requires a reboot. This patch adds a check to avoid the division by zero.

The stack trace below is for the 6.8.4 Kernel. I reproduced the issue on a Z16 Gen 2 Lenovo Thinkpad with a Apple Studio Display monitor connected via Thunderbolt. The amdgpu driver crashed with this exception when I rebooted the system with the monitor connected.

kernel: ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447) kernel: ? dotrap (arch/x86/kernel/traps.c:113 arch/x86/kernel/traps.c:154) kernel: ? setupdscconfig (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dcdsc.c:1053) amdgpu kernel: ? doerrortrap (./arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:175) kernel: ? setupdscconfig (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dcdsc.c:1053) amdgpu kernel: ? excdivideerror (arch/x86/kernel/traps.c:194 (discriminator 2)) kernel: ? setupdscconfig (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dcdsc.c:1053) amdgpu kernel: ? asmexcdivideerror (./arch/x86/include/asm/idtentry.h:548) kernel: ? setupdscconfig (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dcdsc.c:1053) amdgpu kernel: dcdsccomputeconfig (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dcdsc.c:1109) amdgpu

After applying this patch, the driver no longer crashes when the monitor is connected and the system is rebooted. I believe this is the same issue reported for 3113.

References

Affected packages