We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-46837

drm/panthor: Restrict high priorities on group_create



Description

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Restrict high priorities on group_create We were allowing any users to create a high priority group without any permission checks. As a result, this was allowing possible denial of service. We now only allow the DRM master or users with the CAP_SYS_NICE capability to set higher priorities than PANTHOR_GROUP_PRIORITY_MEDIUM. As the sole user of that uAPI lives in Mesa and hardcode a value of MEDIUM [1], this should be safe to do. Additionally, as those checks are performed at the ioctl level, panthor_group_create now only check for priority level validity. [1]https://gitlab.freedesktop.org/mesa/mesa/-/blob/f390835074bdf162a63deb0311d1a6de527f9f89/src/gallium/drivers/panfrost/pan_csf.c#L1038

Reserved 2024-09-11 | Published 2024-09-27 | Updated 2024-11-05 | Assigner Linux

Product status

Default status
unaffected

de8548813824 before 33eb0344e186
affected

de8548813824 before 5f7762042f8a
affected

Default status
affected

6.10
affected

Any version before 6.10
unaffected

6.10.10
unaffected

6.11
unaffected

References

git.kernel.org/...c/33eb0344e186a2bcc257c6c5a6e65c1cb42adb4a

git.kernel.org/...c/5f7762042f8a5377bd8a32844db353c0311a7369

cve.org (CVE-2024-46837)

nvd.nist.gov (CVE-2024-46837)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-46837

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.