{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-46709","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-09-11T15:12:18.252Z","datePublished":"2024-09-13T06:33:41.392Z","dateUpdated":"2025-05-04T12:58:39.549Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:58:39.549Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix prime with external buffers\n\nMake sure that for external buffers mapping goes through the dma_buf\ninterface instead of trying to access pages directly.\n\nExternal buffers might not provide direct access to readable/writable\npages so to make sure the bo's created from external dma_bufs can be\nread dma_buf interface has to be used.\n\nFixes crashes in IGT's kms_prime with vgem. Regular desktop usage won't\ntrigger this due to the fact that virtual machines will not have\nmultiple GPUs but it enables better test coverage in IGT."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/vmwgfx/vmwgfx_blit.c","drivers/gpu/drm/vmwgfx/vmwgfx_drv.h","drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c"],"versions":[{"version":"65674218b43f2dd54587ab2b06560e17c30d8b41","lessThan":"9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4","status":"affected","versionType":"git"},{"version":"b32233accefff1338806f064fb9b62cf5bc0609f","lessThan":"5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854","status":"affected","versionType":"git"},{"version":"b32233accefff1338806f064fb9b62cf5bc0609f","lessThan":"50f1199250912568606b3778dc56646c10cb7b04","status":"affected","versionType":"git"},{"version":"2cdb71c975a10b8774fcd199f16f9ea88948de50","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/vmwgfx/vmwgfx_blit.c","drivers/gpu/drm/vmwgfx/vmwgfx_drv.h","drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c"],"versions":[{"version":"6.9","status":"affected"},{"version":"0","lessThan":"6.9","status":"unaffected","versionType":"semver"},{"version":"6.6.49","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.10.8","lessThanOrEqual":"6.10.*","status":"unaffected","versionType":"semver"},{"version":"6.11","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.29","versionEndExcluding":"6.6.49"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.10.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.8"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/9a9716bbbf3dd6b6cbefba3abcc89af8b72631f4"},{"url":"https://git.kernel.org/stable/c/5c12391ee1ab59cb2f3be3f1f5e6d0fc0c2dc854"},{"url":"https://git.kernel.org/stable/c/50f1199250912568606b3778dc56646c10cb7b04"}],"title":"drm/vmwgfx: Fix prime with external buffers","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-29T15:00:04.048988Z","id":"CVE-2024-46709","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-29T15:00:18.143Z"}}]}}