{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-48704","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-03T14:55:07.146Z","datePublished":"2024-05-03T17:45:51.299Z","dateUpdated":"2025-12-23T13:19:53.514Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-12-23T13:19:53.514Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n> Configuration and Message requests are the only TLPs accepted by a Function in\n> the D3hot state. All other received Requests must be handled as Unsupported Requests,\n> and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [<ffffffff811bea5c>]  ra = [<ffffffff81240844>]  ps = 0000 Tainted: G        W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000  t0 = fff08800e0008010  t1 = 0000000000010000\nt2 = 0000000000008010  t3 = fff00007e3c00000  t4 = fff00007e3c00258\nt5 = 000000000000ffff  t6 = 0000000000000001  t7 = fff00007ef078000\ns0 = fff00007e3c016e8  s1 = fff00007e3c00000  s2 = fff00007e3c00018\ns3 = fff00007e3c00000  s4 = fff00007fff59d80  s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000  a1 = fff00007e3c016e8  a2 = 0000000000000008\na3 = 0000000000000001  a4 = 8f5c28f5c28f5c29  a5 = ffffffff810f4338\nt8 = 0000000000000275  t9 = ffffffff809b66f8  t10 = ff6769c5d964b800\nt11= 000000000000b886  pv = ffffffff811bea20  at = 0000000000000000\ngp = ffffffff81d89690  sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[<ffffffff81240844>] si_dma_is_lockup+0x34/0xd0\n[<ffffffff81119610>] radeon_fence_check_lockup+0xd0/0x290\n[<ffffffff80977010>] process_one_work+0x280/0x550\n[<ffffffff80977350>] worker_thread+0x70/0x7c0\n[<ffffffff80977410>] worker_thread+0x130/0x7c0\n[<ffffffff80982040>] kthread+0x200/0x210\n[<ffffffff809772e0>] worker_thread+0x0/0x7c0\n[<ffffffff80981f8c>] kthread+0x14c/0x210\n[<ffffffff80911658>] ret_from_kernel_thread+0x18/0x20\n[<ffffffff80981e40>] kthread+0x0/0x210\n Code: ad3e0008  43f0074a  ad7e0018  ad9e0020  8c3001e8  40230101\n <88210000> 4821ed21\nSo force lockup work queue flush to fix this problem."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/radeon/radeon_device.c"],"versions":[{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"b878da58df2c40b08914d3960e2224040fd1fbfe","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"c0a45f41fde4a0f2c900f719817493ee5c4a5aa3","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"c72d97146fc5a4dff381b1737f6167e89860430d","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"826b46fd5974113515abe9e4fc8178009a8ce18c","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"5a7a5b2edac4b05abd744eeaebda46d9dacd952d","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"16cb367daa446923d82e332537f446a4cc784b40","status":"affected","versionType":"git"},{"version":"0bfa4b41268ad5fd741f16f484e4fee190822ec6","lessThan":"f461950fdc374a3ada5a63c669d997de4600dffe","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/radeon/radeon_device.c"],"versions":[{"version":"3.18","status":"affected"},{"version":"0","lessThan":"3.18","status":"unaffected","versionType":"semver"},{"version":"4.9.328","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.293","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.258","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.213","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.143","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.68","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.19.9","lessThanOrEqual":"5.19.*","status":"unaffected","versionType":"semver"},{"version":"6.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"4.9.328"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"4.14.293"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"4.19.258"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"5.4.213"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"5.10.143"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"5.15.68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"5.19.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18","versionEndExcluding":"6.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b878da58df2c40b08914d3960e2224040fd1fbfe"},{"url":"https://git.kernel.org/stable/c/4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8"},{"url":"https://git.kernel.org/stable/c/c0a45f41fde4a0f2c900f719817493ee5c4a5aa3"},{"url":"https://git.kernel.org/stable/c/c72d97146fc5a4dff381b1737f6167e89860430d"},{"url":"https://git.kernel.org/stable/c/826b46fd5974113515abe9e4fc8178009a8ce18c"},{"url":"https://git.kernel.org/stable/c/5a7a5b2edac4b05abd744eeaebda46d9dacd952d"},{"url":"https://git.kernel.org/stable/c/16cb367daa446923d82e332537f446a4cc784b40"},{"url":"https://git.kernel.org/stable/c/f461950fdc374a3ada5a63c669d997de4600dffe"}],"title":"drm/radeon: add a force flush to delay work when radeon","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T15:17:55.838Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/b878da58df2c40b08914d3960e2224040fd1fbfe","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4e25e8f27fdbdc6fd55cc572a9939bf24500b9e8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c0a45f41fde4a0f2c900f719817493ee5c4a5aa3","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c72d97146fc5a4dff381b1737f6167e89860430d","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/826b46fd5974113515abe9e4fc8178009a8ce18c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5a7a5b2edac4b05abd744eeaebda46d9dacd952d","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/16cb367daa446923d82e332537f446a4cc784b40","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f461950fdc374a3ada5a63c669d997de4600dffe","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2022-48704","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T15:43:29.607532Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:33:27.016Z"}}]}}