Ubuntu: (Multiple Advisories) (CVE-2024-44993): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2024-44993): Linux kernel vulnerabilities

Severity

6

CVSS

(AV:L/AC:L/Au:S/C:C/I:N/A:C)

Published

09/04/2024

Created

12/14/2024

Added

12/13/2024

Modified

01/30/2025

Description

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()` When enabling UBSAN on Raspberry Pi 5, we get the following warning: [387.894977] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/v3d/v3d_sched.c:320:3 [387.903868] index 7 is out of range for type '__u32 [7]' [387.909692] CPU: 0 PID: 1207 Comm: kworker/u16:2 Tainted: GWC 6.10.3-v8-16k-numa #151 [387.919166] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT) [387.925961] Workqueue: v3d_csd drm_sched_run_job_work [gpu_sched] [387.932525] Call trace: [387.935296]dump_backtrace+0x170/0x1b8 [387.939403]show_stack+0x20/0x38 [387.942907]dump_stack_lvl+0x90/0xd0 [387.946785]dump_stack+0x18/0x28 [387.950301]__ubsan_handle_out_of_bounds+0x98/0xd0 [387.955383]v3d_csd_job_run+0x3a8/0x438 [v3d] [387.960707]drm_sched_run_job_work+0x520/0x6d0 [gpu_sched] [387.966862]process_one_work+0x62c/0xb48 [387.971296]worker_thread+0x468/0x5b0 [387.975317]kthread+0x1c4/0x1e0 [387.978818]ret_from_fork+0x10/0x20 [387.983014] ---[ end trace ]--- This happens because the UAPI provides only seven configuration registers and we are reading the eighth position of this u32 array. Therefore, fix the out-of-bounds read in `v3d_csd_job_run()` by accessing only seven positions on the '__u32 [7]' array. The eighth register exists indeed on V3D 7.1, but it isn't currently used. That being so, let's guarantee that it remains unused and add a note that it could be set in a future patch.

Solution(s)

• ubuntu-upgrade-linux-image-6-8-0-1002-gkeop
• ubuntu-upgrade-linux-image-6-8-0-1015-gke
• ubuntu-upgrade-linux-image-6-8-0-1016-raspi
• ubuntu-upgrade-linux-image-6-8-0-1017-ibm
• ubuntu-upgrade-linux-image-6-8-0-1017-oracle
• ubuntu-upgrade-linux-image-6-8-0-1017-oracle-64k
• ubuntu-upgrade-linux-image-6-8-0-1018-oem
• ubuntu-upgrade-linux-image-6-8-0-1019-gcp
• ubuntu-upgrade-linux-image-6-8-0-1019-nvidia
• ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-64k
• ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency
• ubuntu-upgrade-linux-image-6-8-0-1019-nvidia-lowlatency-64k
• ubuntu-upgrade-linux-image-6-8-0-1020-aws
• ubuntu-upgrade-linux-image-6-8-0-1020-azure
• ubuntu-upgrade-linux-image-6-8-0-1020-azure-fde
• ubuntu-upgrade-linux-image-6-8-0-50-generic
• ubuntu-upgrade-linux-image-6-8-0-50-generic-64k
• ubuntu-upgrade-linux-image-6-8-0-50-lowlatency
• ubuntu-upgrade-linux-image-6-8-0-50-lowlatency-64k
• ubuntu-upgrade-linux-image-aws
• ubuntu-upgrade-linux-image-azure
• ubuntu-upgrade-linux-image-azure-fde
• ubuntu-upgrade-linux-image-gcp
• ubuntu-upgrade-linux-image-generic
• ubuntu-upgrade-linux-image-generic-64k
• ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
• ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
• ubuntu-upgrade-linux-image-generic-hwe-22-04
• ubuntu-upgrade-linux-image-generic-hwe-24-04
• ubuntu-upgrade-linux-image-generic-lpae
• ubuntu-upgrade-linux-image-gke
• ubuntu-upgrade-linux-image-gkeop
• ubuntu-upgrade-linux-image-gkeop-6-8
• ubuntu-upgrade-linux-image-ibm
• ubuntu-upgrade-linux-image-ibm-classic
• ubuntu-upgrade-linux-image-ibm-lts-24-04
• ubuntu-upgrade-linux-image-kvm
• ubuntu-upgrade-linux-image-lowlatency
• ubuntu-upgrade-linux-image-lowlatency-64k
• ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04
• ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-22-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-24-04
• ubuntu-upgrade-linux-image-nvidia
• ubuntu-upgrade-linux-image-nvidia-6-8
• ubuntu-upgrade-linux-image-nvidia-64k
• ubuntu-upgrade-linux-image-nvidia-64k-6-8
• ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04
• ubuntu-upgrade-linux-image-nvidia-hwe-22-04
• ubuntu-upgrade-linux-image-nvidia-lowlatency
• ubuntu-upgrade-linux-image-nvidia-lowlatency-64k
• ubuntu-upgrade-linux-image-oem-22-04
• ubuntu-upgrade-linux-image-oem-22-04a
• ubuntu-upgrade-linux-image-oem-22-04b
• ubuntu-upgrade-linux-image-oem-22-04c
• ubuntu-upgrade-linux-image-oem-22-04d
• ubuntu-upgrade-linux-image-oem-24-04
• ubuntu-upgrade-linux-image-oem-24-04a
• ubuntu-upgrade-linux-image-oracle
• ubuntu-upgrade-linux-image-oracle-64k
• ubuntu-upgrade-linux-image-raspi
• ubuntu-upgrade-linux-image-virtual
• ubuntu-upgrade-linux-image-virtual-hwe-22-04
• ubuntu-upgrade-linux-image-virtual-hwe-24-04

References

• https://attackerkb.com/topics/cve-2024-44993
• CVE - 2024-44993
• USN-7154-1
• USN-7154-2
• USN-7155-1
• USN-7156-1
• USN-7196-1