{"timestamp":"2024-06-24T17:03:52.649243Z","id":"CVE-2024-38664","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/xlnx/zynqmp_dpsub.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"eb2d64bfcc174919a921295a5327b99a3b8f4166","lessThan":"6ead3eccf67bc8318b1ce95ed879b2cc05b4fce9","versionType":"git","status":"affected"},{"version":"eb2d64bfcc174919a921295a5327b99a3b8f4166","lessThan":"603661357056b5e5ba6d86f505fbc936eff396ba","versionType":"git","status":"affected"},{"version":"eb2d64bfcc174919a921295a5327b99a3b8f4166","lessThan":"be3f3042391d061cfca2bd22630e0d101acea5fc","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/xlnx/zynqmp_dpsub.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.2","status":"affected"},{"version":"0","lessThan":"6.2","versionType":"semver","status":"unaffected"},{"version":"6.6.33","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.9.4","lessThanOrEqual":"6.9.*","versionType":"semver","status":"unaffected"},{"version":"6.10","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]

OR
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 6.2
          *cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.9 up to (excluding) 6.9.4
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.6 up to (excluding) 6.6.33

OR
          *cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.6.33
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.7 up to (excluding) 6.9.4

https://git.kernel.org/stable/c/603661357056b5e5ba6d86f505fbc936eff396ba

https://git.kernel.org/stable/c/6ead3eccf67bc8318b1ce95ed879b2cc05b4fce9

https://git.kernel.org/stable/c/be3f3042391d061cfca2bd22630e0d101acea5fc

NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NIST CWE-667

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 6.2
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.6 up to (excluding) 6.6.33
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.9 up to (excluding) 6.9.4
     *cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*

https://git.kernel.org/stable/c/603661357056b5e5ba6d86f505fbc936eff396ba No Types Assigned

https://git.kernel.org/stable/c/603661357056b5e5ba6d86f505fbc936eff396ba Mailing List, Patch

https://git.kernel.org/stable/c/6ead3eccf67bc8318b1ce95ed879b2cc05b4fce9 No Types Assigned

https://git.kernel.org/stable/c/6ead3eccf67bc8318b1ce95ed879b2cc05b4fce9 Mailing List, Patch

https://git.kernel.org/stable/c/be3f3042391d061cfca2bd22630e0d101acea5fc No Types Assigned

https://git.kernel.org/stable/c/be3f3042391d061cfca2bd22630e0d101acea5fc Mailing List, Patch

In the Linux kernel, the following vulnerability has been resolved:

drm: zynqmp_dpsub: Always register bridge

We must always register the DRM bridge, since zynqmp_dp_hpd_work_func
calls drm_bridge_hpd_notify, which in turn expects hpd_mutex to be
initialized. We do this before zynqmp_dpsub_drm_init since that calls
drm_bridge_attach. This fixes the following lockdep warning:

[   19.217084] ------------[ cut here ]------------
[   19.227530] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
[   19.227768] WARNING: CPU: 0 PID: 140 at kernel/locking/mutex.c:582 __mutex_lock+0x4bc/0x550
[   19.241696] Modules linked in:
[   19.244937] CPU: 0 PID: 140 Comm: kworker/0:4 Not tainted 6.6.20+ #96
[   19.252046] Hardware name: xlnx,zynqmp (DT)
[   19.256421] Workqueue: events zynqmp_dp_hpd_work_func
[   19.261795] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[   19.269104] pc : __mutex_lock+0x4bc/0x550
[   19.273364] lr : __mutex_lock+0x4bc/0x550
[   19.277592] sp : ffffffc085c5bbe0
[   19.281066] x29: ffffffc085c5bbe0 x28: 0000000000000000 x27: ffffff88009417f8
[   19.288624] x26: ffffff8800941788 x25: ffffff8800020008 x24: ffffffc082aa3000
[   19.296227] x23: ffffffc080d90e3c x22: 0000000000000002 x21: 0000000000000000
[   19.303744] x20: 0000000000000000 x19: ffffff88002f5210 x18: 0000000000000000
[   19.311295] x17: 6c707369642e3030 x16: 3030613464662072 x15: 0720072007200720
[   19.318922] x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 0000000000000001
[   19.326442] x11: 0001ffc085c5b940 x10: 0001ff88003f388b x9 : 0001ff88003f3888
[   19.334003] x8 : 0001ff88003f3888 x7 : 0000000000000000 x6 : 0000000000000000
[   19.341537] x5 : 0000000000000000 x4 : 0000000000001668 x3 : 0000000000000000
[   19.349054] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffffff88003f3880
[   19.356581] Call trace:
[   19.359160]  __mutex_lock+0x4bc/0x550
[   19.363032]  mutex_lock_nested+0x24/0x30
[   19.367187]  drm_bridge_hpd_notify+0x2c/0x6c
[   19.371698]  zynqmp_dp_hpd_work_func+0x44/0x54
[   19.376364]  process_one

kernel.org https://git.kernel.org/stable/c/603661357056b5e5ba6d86f505fbc936eff396ba [No types assigned]

kernel.org https://git.kernel.org/stable/c/6ead3eccf67bc8318b1ce95ed879b2cc05b4fce9 [No types assigned]

kernel.org https://git.kernel.org/stable/c/be3f3042391d061cfca2bd22630e0d101acea5fc [No types assigned]