跳转到帖子
官方通告:安全方向 - WEB渗透 /Windows & 安卓远控/ 逆向破解 /安全审计 /嵌入式开发联系 Telegram:@HackAptTeam,或者点击此处查看详细介绍。收SHELL、出SHELL。劫持合作。

SUSE: CVE-2022-48634: SUSE Linux Security Advisory

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

SUSE: CVE-2022-48634: SUSE Linux Security Advisory

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
04/28/2024
Created
08/16/2024
Added
08/09/2024
Modified
08/09/2024

Description

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gma_crtc_page_flip() was holding the event_lock spinlock while calling crtc_funcs->mode_set_base() which takes ww_mutex. The only reason to hold event_lock is to clear gma_crtc->page_flip_event on mode_set_base() errors. Instead unlock it after setting gma_crtc->page_flip_event and on errors re-take the lock and clear gma_crtc->page_flip_event it it is still set. This fixes the following WARN/stacktrace: [512.122953] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:870 [512.123004] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1253, name: gnome-shell [512.123031] preempt_count: 1, expected: 0 [512.123048] RCU nest depth: 0, expected: 0 [512.123066] INFO: lockdep is turned off. [512.123080] irq event stamp: 0 [512.123094] hardirqs lastenabled at (0): [<0000000000000000>] 0x0 [512.123134] hardirqs last disabled at (0): [<ffffffff8d0ec28c>] copy_process+0x9fc/0x1de0 [512.123176] softirqs lastenabled at (0): [<ffffffff8d0ec28c>] copy_process+0x9fc/0x1de0 [512.123207] softirqs last disabled at (0): [<0000000000000000>] 0x0 [512.123233] Preemption disabled at: [512.123241] [<0000000000000000>] 0x0 [512.123275] CPU: 3 PID: 1253 Comm: gnome-shell Tainted: GW 5.19.0+ #1 [512.123304] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013 [512.123323] Call Trace: [512.123346]<TASK> [512.123370]dump_stack_lvl+0x5b/0x77 [512.123412]__might_resched.cold+0xff/0x13a [512.123458]ww_mutex_lock+0x1e/0xa0 [512.123495]psb_gem_pin+0x2c/0x150 [gma500_gfx] [512.123601]gma_pipe_set_base+0x76/0x240 [gma500_gfx] [512.123708]gma_crtc_page_flip+0x95/0x130 [gma500_gfx] [512.123808]drm_mode_page_flip_ioctl+0x57d/0x5d0 [512.123897]? drm_mode_cursor2_ioctl+0x10/0x10 [512.123936]drm_ioctl_kernel+0xa1/0x150 [512.123984]drm_ioctl+0x21f/0x420 [512.124025]? drm_mode_cursor2_ioctl+0x10/0x10 [512.124070]? rcu_read_lock_bh_held+0xb/0x60 [512.124104]? lock_release+0x1ef/0x2d0 [512.124161]__x64_sys_ioctl+0x8d/0xd0 [512.124203]do_syscall_64+0x58/0x80 [512.124239]? do_syscall_64+0x67/0x80 [512.124267]? trace_hardirqs_on_prepare+0x55/0xe0 [512.124300]? do_syscall_64+0x67/0x80 [512.124340]? rcu_read_lock_sched_held+0x10/0x80 [512.124377]entry_SYSCALL_64_after_hwframe+0x63/0xcd [512.124411] RIP: 0033:0x7fcc4a70740f [512.124442] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [512.124470] RSP: 002b:00007ffda73f5390 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [512.124503] RAX: ffffffffffffffda RBX: 000055cc9e474500 RCX: 00007fcc4a70740f [512.124524] RDX: 00007ffda73f5420 RSI: 00000000c01864b0 RDI: 0000000000000009 [512.124544] RBP: 00007ffda73f5420 R08: 000055cc9c0b0cb0 R09: 0000000000000034 [512.124564] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000c01864b0 [512.124584] R13: 0000000000000009 R14: 000055cc9df484d0 R15: 000055cc9af5d0c0 [512.124647]</TASK>

Solution(s)

  • suse-upgrade-cluster-md-kmp-64kb
  • suse-upgrade-cluster-md-kmp-azure
  • suse-upgrade-cluster-md-kmp-default
  • suse-upgrade-cluster-md-kmp-rt
  • suse-upgrade-dlm-kmp-64kb
  • suse-upgrade-dlm-kmp-azure
  • suse-upgrade-dlm-kmp-default
  • suse-upgrade-dlm-kmp-rt
  • suse-upgrade-dtb-allwinner
  • suse-upgrade-dtb-altera
  • suse-upgrade-dtb-amazon
  • suse-upgrade-dtb-amd
  • suse-upgrade-dtb-amlogic
  • suse-upgrade-dtb-apm
  • suse-upgrade-dtb-apple
  • suse-upgrade-dtb-arm
  • suse-upgrade-dtb-broadcom
  • suse-upgrade-dtb-cavium
  • suse-upgrade-dtb-exynos
  • suse-upgrade-dtb-freescale
  • suse-upgrade-dtb-hisilicon
  • suse-upgrade-dtb-lg
  • suse-upgrade-dtb-marvell
  • suse-upgrade-dtb-mediatek
  • suse-upgrade-dtb-nvidia
  • suse-upgrade-dtb-qcom
  • suse-upgrade-dtb-renesas
  • suse-upgrade-dtb-rockchip
  • suse-upgrade-dtb-socionext
  • suse-upgrade-dtb-sprd
  • suse-upgrade-dtb-xilinx
  • suse-upgrade-gfs2-kmp-64kb
  • suse-upgrade-gfs2-kmp-azure
  • suse-upgrade-gfs2-kmp-default
  • suse-upgrade-gfs2-kmp-rt
  • suse-upgrade-kernel-64kb
  • suse-upgrade-kernel-64kb-devel
  • suse-upgrade-kernel-64kb-extra
  • suse-upgrade-kernel-64kb-livepatch-devel
  • suse-upgrade-kernel-64kb-optional
  • suse-upgrade-kernel-azure
  • suse-upgrade-kernel-azure-devel
  • suse-upgrade-kernel-azure-extra
  • suse-upgrade-kernel-azure-livepatch-devel
  • suse-upgrade-kernel-azure-optional
  • suse-upgrade-kernel-azure-vdso
  • suse-upgrade-kernel-debug
  • suse-upgrade-kernel-debug-devel
  • suse-upgrade-kernel-debug-livepatch-devel
  • suse-upgrade-kernel-debug-vdso
  • suse-upgrade-kernel-default
  • suse-upgrade-kernel-default-base
  • suse-upgrade-kernel-default-base-rebuild
  • suse-upgrade-kernel-default-devel
  • suse-upgrade-kernel-default-extra
  • suse-upgrade-kernel-default-livepatch
  • suse-upgrade-kernel-default-livepatch-devel
  • suse-upgrade-kernel-default-optional
  • suse-upgrade-kernel-default-vdso
  • suse-upgrade-kernel-devel
  • suse-upgrade-kernel-devel-azure
  • suse-upgrade-kernel-devel-rt
  • suse-upgrade-kernel-docs
  • suse-upgrade-kernel-docs-html
  • suse-upgrade-kernel-kvmsmall
  • suse-upgrade-kernel-kvmsmall-devel
  • suse-upgrade-kernel-kvmsmall-livepatch-devel
  • suse-upgrade-kernel-kvmsmall-vdso
  • suse-upgrade-kernel-macros
  • suse-upgrade-kernel-obs-build
  • suse-upgrade-kernel-obs-qa
  • suse-upgrade-kernel-rt
  • suse-upgrade-kernel-rt-devel
  • suse-upgrade-kernel-rt-extra
  • suse-upgrade-kernel-rt-livepatch
  • suse-upgrade-kernel-rt-livepatch-devel
  • suse-upgrade-kernel-rt-optional
  • suse-upgrade-kernel-rt-vdso
  • suse-upgrade-kernel-rt_debug
  • suse-upgrade-kernel-rt_debug-devel
  • suse-upgrade-kernel-rt_debug-livepatch-devel
  • suse-upgrade-kernel-rt_debug-vdso
  • suse-upgrade-kernel-source
  • suse-upgrade-kernel-source-azure
  • suse-upgrade-kernel-source-rt
  • suse-upgrade-kernel-source-vanilla
  • suse-upgrade-kernel-syms
  • suse-upgrade-kernel-syms-azure
  • suse-upgrade-kernel-syms-rt
  • suse-upgrade-kernel-zfcpdump
  • suse-upgrade-kselftests-kmp-64kb
  • suse-upgrade-kselftests-kmp-azure
  • suse-upgrade-kselftests-kmp-default
  • suse-upgrade-kselftests-kmp-rt
  • suse-upgrade-ocfs2-kmp-64kb
  • suse-upgrade-ocfs2-kmp-azure
  • suse-upgrade-ocfs2-kmp-default
  • suse-upgrade-ocfs2-kmp-rt
  • suse-upgrade-reiserfs-kmp-64kb
  • suse-upgrade-reiserfs-kmp-azure
  • suse-upgrade-reiserfs-kmp-default
  • suse-upgrade-reiserfs-kmp-rt

References

  • https://attackerkb.com/topics/cve-2022-48634
  • CVE - 2022-48634
  • 引用
  • Mention
    • 查看数 696
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
    注意:你的帖子需要版主批准后才能看到。

    游客
    回帖…
    转到主题列表