SB2024062180 - Improper locking in Linux kernel dma-buf driver
Published: June 21, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024062180
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2024-38780)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sync_print_obj() function in drivers/dma-buf/sync_debug.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1ff116f68560a25656933d5a18e7619cb6773d8a
- https://git.kernel.org/stable/c/165b25e3ee9333f7b04f8db43895beacb51582ed
- https://git.kernel.org/stable/c/ae6fc4e6a3322f6d1c8ff59150d8469487a73dd8
- https://git.kernel.org/stable/c/9d75fab2c14a25553a1664586ed122c316bd1878
- https://git.kernel.org/stable/c/242b30466879e6defa521573c27e12018276c33a
- https://git.kernel.org/stable/c/a4ee78244445ab73af22bfc5a5fc543963b25aef
- https://git.kernel.org/stable/c/8a283cdfc8beeb14024387a925247b563d614e1e
- https://git.kernel.org/stable/c/b794918961516f667b0c745aebdfebbb8a98df39
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.316
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.161
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.278
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.93
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33