{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-56551","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-27T14:03:05.989Z","datePublished":"2024-12-27T14:22:53.318Z","dateUpdated":"2025-11-03T20:49:24.909Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-09-16T08:02:55.449Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix usage slab after free\n\n[  +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[  +0.000027] Read of size 8 at addr ffff8881b8605f88 by task amd_pci_unplug/2147\n\n[  +0.000023] CPU: 6 PID: 2147 Comm: amd_pci_unplug Not tainted 6.10.0+ #1\n[  +0.000016] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[  +0.000016] Call Trace:\n[  +0.000008]  <TASK>\n[  +0.000009]  dump_stack_lvl+0x76/0xa0\n[  +0.000017]  print_report+0xce/0x5f0\n[  +0.000017]  ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[  +0.000019]  ? srso_return_thunk+0x5/0x5f\n[  +0.000015]  ? kasan_complete_mode_report_info+0x72/0x200\n[  +0.000016]  ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[  +0.000019]  kasan_report+0xbe/0x110\n[  +0.000015]  ? drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[  +0.000023]  __asan_report_load8_noabort+0x14/0x30\n[  +0.000014]  drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched]\n[  +0.000020]  ? srso_return_thunk+0x5/0x5f\n[  +0.000013]  ? __kasan_check_write+0x14/0x30\n[  +0.000016]  ? __pfx_drm_sched_entity_flush+0x10/0x10 [gpu_sched]\n[  +0.000020]  ? srso_return_thunk+0x5/0x5f\n[  +0.000013]  ? __kasan_check_write+0x14/0x30\n[  +0.000013]  ? srso_return_thunk+0x5/0x5f\n[  +0.000013]  ? enable_work+0x124/0x220\n[  +0.000015]  ? __pfx_enable_work+0x10/0x10\n[  +0.000013]  ? srso_return_thunk+0x5/0x5f\n[  +0.000014]  ? free_large_kmalloc+0x85/0xf0\n[  +0.000016]  drm_sched_entity_destroy+0x18/0x30 [gpu_sched]\n[  +0.000020]  amdgpu_vce_sw_fini+0x55/0x170 [amdgpu]\n[  +0.000735]  ? __kasan_check_read+0x11/0x20\n[  +0.000016]  vce_v4_0_sw_fini+0x80/0x110 [amdgpu]\n[  +0.000726]  amdgpu_device_fini_sw+0x331/0xfc0 [amdgpu]\n[  +0.000679]  ? mutex_unlock+0x80/0xe0\n[  +0.000017]  ? __pfx_amdgpu_device_fini_sw+0x10/0x10 [amdgpu]\n[  +0.000662]  ? srso_return_thunk+0x5/0x5f\n[  +0.000014]  ? __kasan_check_write+0x14/0x30\n[  +0.000013]  ? srso_return_thunk+0x5/0x5f\n[  +0.000013]  ? mutex_unlock+0x80/0xe0\n[  +0.000016]  amdgpu_driver_release_kms+0x16/0x80 [amdgpu]\n[  +0.000663]  drm_minor_release+0xc9/0x140 [drm]\n[  +0.000081]  drm_release+0x1fd/0x390 [drm]\n[  +0.000082]  __fput+0x36c/0xad0\n[  +0.000018]  __fput_sync+0x3c/0x50\n[  +0.000014]  __x64_sys_close+0x7d/0xe0\n[  +0.000014]  x64_sys_call+0x1bc6/0x2680\n[  +0.000014]  do_syscall_64+0x70/0x130\n[  +0.000014]  ? srso_return_thunk+0x5/0x5f\n[  +0.000014]  ? irqentry_exit_to_user_mode+0x60/0x190\n[  +0.000015]  ? srso_return_thunk+0x5/0x5f\n[  +0.000014]  ? irqentry_exit+0x43/0x50\n[  +0.000012]  ? srso_return_thunk+0x5/0x5f\n[  +0.000013]  ? exc_page_fault+0x7c/0x110\n[  +0.000015]  entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[  +0.000014] RIP: 0033:0x7ffff7b14f67\n[  +0.000013] Code: ff e8 0d 16 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 73 ba f7 ff\n[  +0.000026] RSP: 002b:00007fffffffe378 EFLAGS: 00000246 ORIG_RAX: 0000000000000003\n[  +0.000019] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffff7b14f67\n[  +0.000014] RDX: 0000000000000000 RSI: 00007ffff7f6f47a RDI: 0000000000000003\n[  +0.000014] RBP: 00007fffffffe3a0 R08: 0000555555569890 R09: 0000000000000000\n[  +0.000014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffffffe5c8\n[  +0.000013] R13: 00005555555552a9 R14: 0000555555557d48 R15: 00007ffff7ffd040\n[  +0.000020]  </TASK>\n\n[  +0.000016] Allocated by task 383 on cpu 7 at 26.880319s:\n[  +0.000014]  kasan_save_stack+0x28/0x60\n[  +0.000008]  kasan_save_track+0x18/0x70\n[  +0.000007]  kasan_save_alloc_info+0x38/0x60\n[  +0.000007]  __kasan_kmalloc+0xc1/0xd0\n[  +0.000007]  kmalloc_trace_noprof+0x180/0x380\n[  +0.000007]  drm_sched_init+0x411/0xec0 [gpu_sched]\n[  +0.000012]  amdgpu_device_init+0x695f/0xa610 [amdgpu]\n[  +0.000658]  amdgpu_driver_load_kms+0x1a/0x120 [amdgpu]\n[  +0.000662]  amdgpu_pci_p\n---truncated---"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_device.c","drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c"],"versions":[{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"3cc1116de10953f0265a05d9f351b02a9ec3b497","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"05b1b33936b71e5f189a813a517f72e8a27fcb2f","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"3990ef742c064e22189b954522930db04fc6b1a7","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"6383199ada42d30562b4249c393592a2a9c38165","status":"affected","versionType":"git"},{"version":"d38ceaf99ed015f2a0b9af3499791bd3a3daae21","lessThan":"b61badd20b443eabe132314669bb51a263982e5c","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_device.c","drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c"],"versions":[{"version":"4.2","status":"affected"},{"version":"0","lessThan":"4.2","status":"unaffected","versionType":"semver"},{"version":"5.15.181","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.127","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.64","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.4","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"5.15.181"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.1.127"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.6.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.12.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3cc1116de10953f0265a05d9f351b02a9ec3b497"},{"url":"https://git.kernel.org/stable/c/05b1b33936b71e5f189a813a517f72e8a27fcb2f"},{"url":"https://git.kernel.org/stable/c/3990ef742c064e22189b954522930db04fc6b1a7"},{"url":"https://git.kernel.org/stable/c/6383199ada42d30562b4249c393592a2a9c38165"},{"url":"https://git.kernel.org/stable/c/b61badd20b443eabe132314669bb51a263982e5c"}],"title":"drm/amdgpu: fix usage slab after free","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2024-56551","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-03-06T16:07:43.843421Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-416","description":"CWE-416 Use After Free"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-06T16:14:32.718Z"}},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:49:24.909Z"}}]}}