Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG There were multiple issues in that code. First of all the order between the reset semaphore and the mm_lock was wrong (e.g. copy_to_user) was called while holding the lock. Then we allocated memory while holding the reset semaphore which is also a pretty big bug and can deadlock. Then we used down_read_trylock() instead of waiting for the reset to finish. (cherry picked from commit 361b6e6b303d4b691f6c5974d3eaab67ca6dd90e)
Affected products
- Linux / Linux8361e3f7882876d98ba98cae0d3149450dd80912 – 8c4254c8f5836e77ae83e7fc037f02b69f7a0977
- Linux / Linux9e823f307074c0f82b5f6044943b0086e3079bed – 61957c2e467b39b528a290016367d32a433fa846
- Linux / Linux9e823f307074c0f82b5f6044943b0086e3079bed – a31c3feb54b15a90232e497ad0e27e8a82052d8d
- Linux / Linux9e823f307074c0f82b5f6044943b0086e3079bed – 5c29d20470d4566d1b68df57097d642d01f8b427
- Linux / Linux9e823f307074c0f82b5f6044943b0086e3079bed – 0ef196a208385b7d7da79f411c161b04e97283e2
- Linux / Linux17a98c942cb106ec08564e8f43b5470a4dd5d3f6 – 17a98c942cb106ec08564e8f43b5470a4dd5d3f6
- Linux / Linux9a98563345697bdb1d3410ff428473b2e781f4db – 9a98563345697bdb1d3410ff428473b2e781f4db
- Linux / Linux6.6.55 – 6.6.141
- Linux / Linux6.10.14 – 6.11
- Linux / Linux6.11.3 – 6.12
- Linux / Linux6.12 – 6.12
- Linux / Linux0 – 6.12
- Linux / Linux6.6.141 – 6.6.*
- Linux / Linux6.12.91 – 6.12.*
- Linux / Linux6.18.33 – 6.18.*
- Linux / Linux7.0.10 – 7.0.*
- Linux / Linux7.1 – *
References
- MISChttps://git.kernel.org/stable/c/8c4254c8f5836e77ae83e7fc037f02b69f7a0977
- MISChttps://git.kernel.org/stable/c/61957c2e467b39b528a290016367d32a433fa846
- MISChttps://git.kernel.org/stable/c/a31c3feb54b15a90232e497ad0e27e8a82052d8d
- MISChttps://git.kernel.org/stable/c/5c29d20470d4566d1b68df57097d642d01f8b427
- MISChttps://git.kernel.org/stable/c/0ef196a208385b7d7da79f411c161b04e97283e2