CVE-2024-58019 (GCVE-0-2024-58019)
Vulnerability from cvelistv5
Published
2025-02-27 02:12
Modified
2025-05-04 10:08
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header, message body. GSP calculates the number of pages to write from the total size of a GSP message. This behavior can be observed from the movement of the write pointer. However, nvkm takes only the size of RPC header and message body as the message size when advancing the read pointer. When handling a two-page GSP message in the non rollback case, It wrongly takes the message body of the previous message as the message header of the next message. As the "message length" tends to be zero, in the calculation of size needs to be copied (0 - size of (message header)), the size needs to be copied will be "0xffffffxx". It also triggers a kernel panic due to a NULL pointer error. [ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@....... [ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................ [ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................ [ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................ [ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0 [ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0 [ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 547.669485] #PF: supervisor read access in kernel mode [ 547.674624] #PF: error_code(0x0000) - not-present page [ 547.679755] PGD 0 P4D 0 [ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1 [ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022 [ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm] [ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm] [ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 <8b> 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05 [ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203 [ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f [ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010 [ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0 [ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000 [ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000 [ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000 [ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0 [ 547.793896] PKRU: 55555554 [ 547.796600] Call Trace: [ 547.799046] <TASK> [ 547.801152] ? __die+0x20/0x70 [ 547.804211] ? page_fault_oops+0x75/0x170 [ 547.808221] ? print_hex_dump+0x100/0x160 [ 547.812226] ? exc_page_fault+0x64/0x150 [ 547.816152] ? asm_exc_page_fault+0x22/0x30 [ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm] [ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm] [ 547.829845] process_one_work+0x196/0x3d0 [ 547.833861] worker_thread+0x2fc/0x410 [ 547.837613] ? __pfx_worker_thread+0x10/0x10 [ 547.841885] kthread+0xdf/0x110 [ 547.845031] ? __pfx_kthread+0x10/0x10 [ 547.848775] ret_from_fork+0x30/0x50 [ 547.852354] ? __pfx_kthread+0x10/0x10 [ 547.856097] ret_from_fork_asm+0x1a/0x30 [ 547.860019] </TASK> [ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd ---truncated---
References
Impacted products
Vendor Product Version
Linux Linux Version: 176fdcbddfd288408ce8571c1760ad618d962096
Version: 176fdcbddfd288408ce8571c1760ad618d962096
Version: 176fdcbddfd288408ce8571c1760ad618d962096
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5185e63b45ea39339ed83f269e2ddfafb07e70d9",
              "status": "affected",
              "version": "176fdcbddfd288408ce8571c1760ad618d962096",
              "versionType": "git"
            },
            {
              "lessThan": "67c9cf82f50236d9c000333b26b4f95eb2c3e1b2",
              "status": "affected",
              "version": "176fdcbddfd288408ce8571c1760ad618d962096",
              "versionType": "git"
            },
            {
              "lessThan": "8d9beb4aebc02c4bd09e1d39c9c5f1c68c786dbc",
              "status": "affected",
              "version": "176fdcbddfd288408ce8571c1760ad618d962096",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.7"
            },
            {
              "lessThan": "6.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.13.*",
              "status": "unaffected",
              "version": "6.13.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.14",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.13.3",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.14",
                  "versionStartIncluding": "6.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[  547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00  ........@.......\n[  547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00  ................\n[  547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff  ................\n[  547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff  ................\n[  547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[  547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[  547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[  547.669485] #PF: supervisor read access in kernel mode\n[  547.674624] #PF: error_code(0x0000) - not-present page\n[  547.679755] PGD 0 P4D 0\n[  547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[  547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G            E      6.9.0-rc6+ #1\n[  547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[  547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[  547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[  547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[  547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[  547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[  547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[  547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[  547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[  547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[  547.772958] FS:  0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[  547.781035] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[  547.793896] PKRU: 55555554\n[  547.796600] Call Trace:\n[  547.799046]  \u003cTASK\u003e\n[  547.801152]  ? __die+0x20/0x70\n[  547.804211]  ? page_fault_oops+0x75/0x170\n[  547.808221]  ? print_hex_dump+0x100/0x160\n[  547.812226]  ? exc_page_fault+0x64/0x150\n[  547.816152]  ? asm_exc_page_fault+0x22/0x30\n[  547.820341]  ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[  547.825184]  r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[  547.829845]  process_one_work+0x196/0x3d0\n[  547.833861]  worker_thread+0x2fc/0x410\n[  547.837613]  ? __pfx_worker_thread+0x10/0x10\n[  547.841885]  kthread+0xdf/0x110\n[  547.845031]  ? __pfx_kthread+0x10/0x10\n[  547.848775]  ret_from_fork+0x30/0x50\n[  547.852354]  ? __pfx_kthread+0x10/0x10\n[  547.856097]  ret_from_fork_asm+0x1a/0x30\n[  547.860019]  \u003c/TASK\u003e\n[  547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T10:08:35.181Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5185e63b45ea39339ed83f269e2ddfafb07e70d9"
        },
        {
          "url": "https://git.kernel.org/stable/c/67c9cf82f50236d9c000333b26b4f95eb2c3e1b2"
        },
        {
          "url": "https://git.kernel.org/stable/c/8d9beb4aebc02c4bd09e1d39c9c5f1c68c786dbc"
        }
      ],
      "title": "nvkm/gsp: correctly advance the read pointer of GSP message queue",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-58019",
    "datePublished": "2025-02-27T02:12:10.109Z",
    "dateReserved": "2025-02-27T02:10:48.228Z",
    "dateUpdated": "2025-05-04T10:08:35.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-58019\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-27T03:15:12.897\",\"lastModified\":\"2025-02-27T03:15:12.897\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnvkm/gsp: correctly advance the read pointer of GSP message queue\\n\\nA GSP event message consists three parts: message header, RPC header,\\nmessage body. GSP calculates the number of pages to write from the\\ntotal size of a GSP message. This behavior can be observed from the\\nmovement of the write pointer.\\n\\nHowever, nvkm takes only the size of RPC header and message body as\\nthe message size when advancing the read pointer. When handling a\\ntwo-page GSP message in the non rollback case, It wrongly takes the\\nmessage body of the previous message as the message header of the next\\nmessage. As the \\\"message length\\\" tends to be zero, in the calculation of\\nsize needs to be copied (0 - size of (message header)), the size needs to\\nbe copied will be \\\"0xffffffxx\\\". It also triggers a kernel panic due to a\\nNULL pointer error.\\n\\n[  547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00  ........@.......\\n[  547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00  ................\\n[  547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff  ................\\n[  547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff  ................\\n[  547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\\n[  547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\\n[  547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\\n[  547.669485] #PF: supervisor read access in kernel mode\\n[  547.674624] #PF: error_code(0x0000) - not-present page\\n[  547.679755] PGD 0 P4D 0\\n[  547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\\n[  547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G            E      6.9.0-rc6+ #1\\n[  547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\\n[  547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\\n[  547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\\n[  547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\\n[  547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\\n[  547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\\n[  547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\\n[  547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\\n[  547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\\n[  547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\\n[  547.772958] FS:  0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\\n[  547.781035] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\n[  547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\\n[  547.793896] PKRU: 55555554\\n[  547.796600] Call Trace:\\n[  547.799046]  \u003cTASK\u003e\\n[  547.801152]  ? __die+0x20/0x70\\n[  547.804211]  ? page_fault_oops+0x75/0x170\\n[  547.808221]  ? print_hex_dump+0x100/0x160\\n[  547.812226]  ? exc_page_fault+0x64/0x150\\n[  547.816152]  ? asm_exc_page_fault+0x22/0x30\\n[  547.820341]  ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\\n[  547.825184]  r535_gsp_msgq_work+0x42/0x50 [nvkm]\\n[  547.829845]  process_one_work+0x196/0x3d0\\n[  547.833861]  worker_thread+0x2fc/0x410\\n[  547.837613]  ? __pfx_worker_thread+0x10/0x10\\n[  547.841885]  kthread+0xdf/0x110\\n[  547.845031]  ? __pfx_kthread+0x10/0x10\\n[  547.848775]  ret_from_fork+0x30/0x50\\n[  547.852354]  ? __pfx_kthread+0x10/0x10\\n[  547.856097]  ret_from_fork_asm+0x1a/0x30\\n[  547.860019]  \u003c/TASK\u003e\\n[  547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: nvkm/gsp: avanza correctamente el puntero de lectura de la cola de mensajes GSP Un mensaje de evento GSP consta de tres partes: encabezado del mensaje, encabezado RPC, cuerpo del mensaje. GSP calcula el n\u00famero de p\u00e1ginas a escribir a partir del tama\u00f1o total de un mensaje GSP. Este comportamiento se puede observar a partir del movimiento del puntero de escritura. Sin embargo, nvkm solo toma el tama\u00f1o del encabezado RPC y el cuerpo del mensaje como el tama\u00f1o del mensaje al avanzar el puntero de lectura. Al manejar un mensaje GSP de dos p\u00e1ginas en el caso de no reversi\u00f3n, toma err\u00f3neamente el cuerpo del mensaje anterior como el encabezado del mensaje del siguiente mensaje. Como la \\\"longitud del mensaje\\\" tiende a ser cero, en el c\u00e1lculo del tama\u00f1o que se debe copiar (0 - tama\u00f1o de (encabezado del mensaje)), el tama\u00f1o que se debe copiar ser\u00e1 \\\"0xffffffxx\\\". Tambi\u00e9n desencadena un p\u00e1nico del kernel debido a un error de puntero NULL. [ 547.614102] mensaje: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@....... [ 547.622533] mensaje: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff 00 00 00 00 ................ [ 547.630965] msj: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................ [ 547.639397] msj: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ff ................ [ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0 [ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0 [ 547.662532] ERROR: desreferencia de puntero NULL del n\u00facleo, direcci\u00f3n: 0000000000000020 [ 547.669485] #PF: acceso de lectura del supervisor en modo n\u00facleo [ 547.674624] #PF: error_code(0x0000) - p\u00e1gina no presente [ 547.679755] PGD 0 P4D 0 [ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI [ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Contaminado: GE 6.9.0-rc6+ #1 [ 547.694893] Nombre del hardware: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022 [ 547.702626] Cola de trabajo: eventos r535_gsp_msgq_work [nvkm] [ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm] [ 547.713375] C\u00f3digo: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u0026lt;8b\u0026gt; 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05 [ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203 [ 547.737335] RAX: 0000000000000010 RBX: 000000000000000008 RCX: 000000000000003f [ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010 [ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0 [ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000 [ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000 [ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000 [ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0 [ 547.793896] PKRU: 55555554 [ 547.796600] Rastreo de llamadas: [ 547.799046]  [ 547.801152] ? __die+0x20/0x70 [ 547.804211] ? page_fault_oops+0x75/0x170 [ 547.808221] ? print_hex_dump+0x100/0x160 [ 547.812226] ? exc_page_fault+0x64/0x150 [ 547.816152] ? asm_exc_page_fault+0x22/0x30 [ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm] [ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm] [ 547.829845] process_one_work+0x196/0x3d0 [ 547.833861] worker_thread+0x2fc/0x410 [ 547.837613] ? __pfx_worker_thread+0x10/0x10 [ 547.841885] kthread+0xdf/0x110 [ 547.845031] ? __pfx_kthread+0x10/0x10 [ 547.848775] ret_from_fork+0x30/0x50 [ 547.852354] ? __pfx_kthread+0x10/0x10 [ 547.856097] ret_from_fork_asm+0x1a/0x30 [ 547.860019]  [ 547.862208] M\u00f3dulos vinculados en: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ ---truncado---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/5185e63b45ea39339ed83f269e2ddfafb07e70d9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/67c9cf82f50236d9c000333b26b4f95eb2c3e1b2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8d9beb4aebc02c4bd09e1d39c9c5f1c68c786dbc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.