{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-36944","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-30T15:25:07.073Z","datePublished":"2024-05-30T15:35:42.708Z","dateUpdated":"2025-05-04T09:12:33.769Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T09:12:33.769Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nReapply \"drm/qxl: simplify qxl_fence_wait\"\n\nThis reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea.\n\nStephen Rostedt reports:\n \"I went to run my tests on my VMs and the tests hung on boot up.\n  Unfortunately, the most I ever got out was:\n\n  [   93.607888] Testing event system initcall: OK\n  [   93.667730] Running tests on all trace events:\n  [   93.669757] Testing all events: OK\n  [   95.631064] ------------[ cut here ]------------\n  Timed out after 60 seconds\"\n\nand further debugging points to a possible circular locking dependency\nbetween the console_owner locking and the worker pool locking.\n\nReverting the commit allows Steve's VM to boot to completion again.\n\n[ This may obviously result in the \"[TTM] Buffer eviction failed\"\n  messages again, which was the reason for that original revert. But at\n  this point this seems preferable to a non-booting system... ]"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/qxl/qxl_release.c","include/linux/dma-fence.h"],"versions":[{"version":"8d278fc34cdd8a44e995fa93dfd31d619a2e1fe6","lessThan":"4a89ac4b0921c4ea21eb1b4cf3a469a91bacfcea","status":"affected","versionType":"git"},{"version":"84fb60063509e462e39c0e097c7d6dbb71c95967","lessThan":"b548c53bc3ab83dc6fc86c8e840f013b2032267a","status":"affected","versionType":"git"},{"version":"42cbe04a5c77da74fb7161b0ae63f1f6e105d633","lessThan":"148ed8b4d64f94ab079c8f0d88c3f444db97ba97","status":"affected","versionType":"git"},{"version":"13ab5db42a593f9904acc39055ee3ae75963fc88","lessThan":"3dfe35d8683daf9ba69278643efbabe40000bbf6","status":"affected","versionType":"git"},{"version":"07ed11afb68d94eadd4ffc082b97c2331307c5ea","lessThan":"3628e0383dd349f02f882e612ab6184e4bb3dc10","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/qxl/qxl_release.c","include/linux/dma-fence.h"],"versions":[{"version":"5.15.156","lessThan":"5.15.159","status":"affected","versionType":"semver"},{"version":"6.1.87","lessThan":"6.1.91","status":"affected","versionType":"semver"},{"version":"6.6.28","lessThan":"6.6.31","status":"affected","versionType":"semver"},{"version":"6.8.7","lessThan":"6.8.10","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.156","versionEndExcluding":"5.15.159"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.87","versionEndExcluding":"6.1.91"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.28","versionEndExcluding":"6.6.31"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.7","versionEndExcluding":"6.8.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4a89ac4b0921c4ea21eb1b4cf3a469a91bacfcea"},{"url":"https://git.kernel.org/stable/c/b548c53bc3ab83dc6fc86c8e840f013b2032267a"},{"url":"https://git.kernel.org/stable/c/148ed8b4d64f94ab079c8f0d88c3f444db97ba97"},{"url":"https://git.kernel.org/stable/c/3dfe35d8683daf9ba69278643efbabe40000bbf6"},{"url":"https://git.kernel.org/stable/c/3628e0383dd349f02f882e612ab6184e4bb3dc10"}],"title":"Reapply \"drm/qxl: simplify qxl_fence_wait\"","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-noinfo Not enough information"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-05-31T18:28:13.498062Z","id":"CVE-2024-36944","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-06T16:27:03.244Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T03:43:50.389Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/4a89ac4b0921c4ea21eb1b4cf3a469a91bacfcea","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/b548c53bc3ab83dc6fc86c8e840f013b2032267a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/148ed8b4d64f94ab079c8f0d88c3f444db97ba97","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/3dfe35d8683daf9ba69278643efbabe40000bbf6","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/3628e0383dd349f02f882e612ab6184e4bb3dc10","tags":["x_transferred"]}]}]}}