{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-35927","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-17T13:50:33.128Z","datePublished":"2024-05-19T10:10:37.069Z","dateUpdated":"2025-06-19T12:37:41.851Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-06-19T12:37:41.851Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Check output polling initialized before disabling\n\nIn drm_kms_helper_poll_disable() check if output polling\nsupport is initialized before disabling polling. If not flag\nthis as a warning.\nAdditionally in drm_mode_config_helper_suspend() and\ndrm_mode_config_helper_resume() calls, that re the callers of these\nfunctions, avoid invoking them if polling is not initialized.\nFor drivers like hyperv-drm, that do not initialize connector\npolling, if suspend is called without this check, it leads to\nsuspend failure with following stack\n[  770.719392] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done.\n[  770.720592] printk: Suspending console(s) (use no_console_suspend to debug)\n[  770.948823] ------------[ cut here ]------------\n[  770.948824] WARNING: CPU: 1 PID: 17197 at kernel/workqueue.c:3162 __flush_work.isra.0+0x212/0x230\n[  770.948831] Modules linked in: rfkill nft_counter xt_conntrack xt_owner udf nft_compat crc_itu_t nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables nfnetlink vfat fat mlx5_ib ib_uverbs ib_core mlx5_core intel_rapl_msr intel_rapl_common kvm_amd ccp mlxfw kvm psample hyperv_drm tls drm_shmem_helper drm_kms_helper irqbypass pcspkr syscopyarea sysfillrect sysimgblt hv_balloon hv_utils joydev drm fuse xfs libcrc32c pci_hyperv pci_hyperv_intf sr_mod sd_mod cdrom t10_pi sg hv_storvsc scsi_transport_fc hv_netvsc serio_raw hyperv_keyboard hid_hyperv crct10dif_pclmul crc32_pclmul crc32c_intel hv_vmbus ghash_clmulni_intel dm_mirror dm_region_hash dm_log dm_mod\n[  770.948863] CPU: 1 PID: 17197 Comm: systemd-sleep Not tainted 5.14.0-362.2.1.el9_3.x86_64 #1\n[  770.948865] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[  770.948866] RIP: 0010:__flush_work.isra.0+0x212/0x230\n[  770.948869] Code: 8b 4d 00 4c 8b 45 08 89 ca 48 c1 e9 04 83 e2 08 83 e1 0f 83 ca 02 89 c8 48 0f ba 6d 00 03 e9 25 ff ff ff 0f 0b e9 4e ff ff ff <0f> 0b 45 31 ed e9 44 ff ff ff e8 8f 89 b2 00 66 66 2e 0f 1f 84 00\n[  770.948870] RSP: 0018:ffffaf4ac213fb10 EFLAGS: 00010246\n[  770.948871] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8c992857\n[  770.948872] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff9aad82b00330\n[  770.948873] RBP: ffff9aad82b00330 R08: 0000000000000000 R09: ffff9aad87ee3d10\n[  770.948874] R10: 0000000000000200 R11: 0000000000000000 R12: ffff9aad82b00330\n[  770.948874] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n[  770.948875] FS:  00007ff1b2f6bb40(0000) GS:ffff9aaf37d00000(0000) knlGS:0000000000000000\n[  770.948878] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  770.948878] CR2: 0000555f345cb666 CR3: 00000001462dc005 CR4: 0000000000370ee0\n[  770.948879] Call Trace:\n[  770.948880]  <TASK>\n[  770.948881]  ? show_trace_log_lvl+0x1c4/0x2df\n[  770.948884]  ? show_trace_log_lvl+0x1c4/0x2df\n[  770.948886]  ? __cancel_work_timer+0x103/0x190\n[  770.948887]  ? __flush_work.isra.0+0x212/0x230\n[  770.948889]  ? __warn+0x81/0x110\n[  770.948891]  ? __flush_work.isra.0+0x212/0x230\n[  770.948892]  ? report_bug+0x10a/0x140\n[  770.948895]  ? handle_bug+0x3c/0x70\n[  770.948898]  ? exc_invalid_op+0x14/0x70\n[  770.948899]  ? asm_exc_invalid_op+0x16/0x20\n[  770.948903]  ? __flush_work.isra.0+0x212/0x230\n[  770.948905]  __cancel_work_timer+0x103/0x190\n[  770.948907]  ? _raw_spin_unlock_irqrestore+0xa/0x30\n[  770.948910]  drm_kms_helper_poll_disable+0x1e/0x40 [drm_kms_helper]\n[  770.948923]  drm_mode_config_helper_suspend+0x1c/0x80 [drm_kms_helper]\n[  770.948933]  ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[  770.948942]  hyperv_vmbus_suspend+0x17/0x40 [hyperv_drm]\n[  770.948944]  ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[  770.948951]  dpm_run_callback+0x4c/0x140\n[  770.948954]  __device_suspend_noir\n---truncated---"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/drm_modeset_helper.c","drivers/gpu/drm/drm_probe_helper.c"],"versions":[{"version":"78b991ccfa64a438e2d8c2997d22d55621ab277d","lessThan":"3d1b47e3a935abd4f258a945db87e7267ff4079c","status":"affected","versionType":"git"},{"version":"78b991ccfa64a438e2d8c2997d22d55621ab277d","lessThan":"18451798f4a4e7418b9fad7e7dd313fe84b1f545","status":"affected","versionType":"git"},{"version":"78b991ccfa64a438e2d8c2997d22d55621ab277d","lessThan":"5abffb66d12bcac84bf7b66389c571b8bb6e82bd","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/drm_modeset_helper.c","drivers/gpu/drm/drm_probe_helper.c"],"versions":[{"version":"6.3","status":"affected"},{"version":"0","lessThan":"6.3","status":"unaffected","versionType":"semver"},{"version":"6.6.27","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.8.6","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.6.27"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.8.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3d1b47e3a935abd4f258a945db87e7267ff4079c"},{"url":"https://git.kernel.org/stable/c/18451798f4a4e7418b9fad7e7dd313fe84b1f545"},{"url":"https://git.kernel.org/stable/c/5abffb66d12bcac84bf7b66389c571b8bb6e82bd"}],"title":"drm: Check output polling initialized before disabling","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-noinfo Not enough information"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-05-29T18:18:22.364810Z","id":"CVE-2024-35927","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-29T19:54:14.353Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T03:21:48.874Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/786c27982a39d79cc753f84229eb5977ac8ef1c1","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/4ad8d57d902fbc7c82507cfc1b031f3a07c3de6e","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/3d1b47e3a935abd4f258a945db87e7267ff4079c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/18451798f4a4e7418b9fad7e7dd313fe84b1f545","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5abffb66d12bcac84bf7b66389c571b8bb6e82bd","tags":["x_transferred"]}]}]}}