CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
5.1%
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: don’t allow mapping the MMIO HDP page with large pages
We don’t get the right offset in that case. The GPU has
an unused 4K area of the register BAR space into which you can
remap registers. We remap the HDP flush registers into this
space to allow userspace (CPU or GPU) to flush the HDP when it
updates VRAM. However, on systems with >4K pages, we end up
exposing PAGE_SIZE of MMIO space.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:* |
linux | linux_kernel | 6.9 | cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:* |
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/gpu/drm/amd/amdkfd/kfd_chardev.c"
],
"versions": [
{
"version": "d8e408a82704",
"lessThan": "009c4d78bcf0",
"status": "affected",
"versionType": "git"
},
{
"version": "d8e408a82704",
"lessThan": "f7276cdc1912",
"status": "affected",
"versionType": "git"
},
{
"version": "d8e408a82704",
"lessThan": "8ad4838040e5",
"status": "affected",
"versionType": "git"
},
{
"version": "d8e408a82704",
"lessThan": "89fffbdf535c",
"status": "affected",
"versionType": "git"
},
{
"version": "d8e408a82704",
"lessThan": "4b4cff994a27",
"status": "affected",
"versionType": "git"
},
{
"version": "d8e408a82704",
"lessThan": "6186c9356088",
"status": "affected",
"versionType": "git"
},
{
"version": "d8e408a82704",
"lessThan": "be4a2a81b6b9",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/gpu/drm/amd/amdkfd/kfd_chardev.c"
],
"versions": [
{
"version": "5.3",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.3",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.283",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.225",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.166",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.91",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.31",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8.10",
"lessThanOrEqual": "6.8.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]
git.kernel.org/stable/c/009c4d78bcf07c4ac2e3dd9f275b4eaa72b4f884
git.kernel.org/stable/c/4b4cff994a27ebf7bd3fb9a798a1cdfa8d01b724
git.kernel.org/stable/c/6186c93560889265bfe0914609c274eff40bbeb5
git.kernel.org/stable/c/89fffbdf535ce659c1a26b51ad62070566e33b28
git.kernel.org/stable/c/8ad4838040e5515939c071a0f511ce2661a0889d
git.kernel.org/stable/c/be4a2a81b6b90d1a47eaeaace4cc8e2cb57b96c7
git.kernel.org/stable/c/f7276cdc1912325b64c33fcb1361952c06e55f63