Resource Injection The advisory has been revoked - it doesn't affect any version of package kernel-cross-headers  (opens in a new tab)

The Red Hat security team deemed this advisory irrelevant for RHEL:9.

Note: Versions mentioned in the description apply only to the upstream kernel-cross-headers package and not the kernel-cross-headers package as distributed by RHEL.

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: change vm->task_info handling

This patch changes the handling and lifecycle of vm->task_info object. The major changes are:

• vm->task_info is a dynamically allocated ptr now, and its uasge is reference counted.
• introducing two new helper funcs for task_info lifecycle management
  • amdgpu_vm_get_task_info: reference counts up task_info before returning this info
  • amdgpu_vm_put_task_info: reference counts down task_info
• last put to task_info() frees task_info from the vm.

This patch also does logistical changes required for existing usage of vm->task_info.

V2: Do not block all the prints when task_info not found (Felix)

V3: Fixed review comments from Felix

• Fix wrong indentation
• No debug message for -ENOMEM
• Add NULL check for task_info
• Do not duplicate the debug messages (ti vs no ti)
• Get first reference of task_info in vm_init(), put last in vm_fini()

V4: Fixed review comments from Felix

• fix double reference increment in create_task_info
• change amdgpu_vm_get_task_info_pasid
• additional changes in amdgpu_gem.c while porting

• https://access.redhat.com/security/cve/CVE-2024-41008
• https://git.kernel.org/stable/c/b8f67b9ddf4f8fe6dd536590712b5912ad78f99c