{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-57888", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-01-11T14:45:42.027Z", "datePublished": "2025-01-15T13:05:40.832Z", "dateUpdated": "2025-01-20T06:28:56.382Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-01-20T06:28:56.382Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker\n\nAfter commit\n746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")\namdgpu started seeing the following warning:\n\n [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu]\n...\n [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched]\n...\n [ ] Call Trace:\n [ ] <TASK>\n...\n [ ] ? check_flush_dependency+0xf5/0x110\n...\n [ ] cancel_delayed_work_sync+0x6e/0x80\n [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu]\n [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu]\n [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu]\n [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched]\n [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu]\n [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched]\n [ ] process_one_work+0x217/0x720\n...\n [ ] </TASK>\n\nThe intent of the verifcation done in check_flush_depedency is to ensure\nforward progress during memory reclaim, by flagging cases when either a\nmemory reclaim process, or a memory reclaim work item is flushed from a\ncontext not marked as memory reclaim safe.\n\nThis is correct when flushing, but when called from the\ncancel(_delayed)_work_sync() paths it is a false positive because work is\neither already running, or will not be running at all. Therefore\ncancelling it is safe and we can relax the warning criteria by letting the\nhelper know of the calling context.\n\nReferences: 746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/workqueue.c"], "versions": [{"version": "fca839c00a12d682cb59b3b620d109a1d850b262", "lessThan": "1fd2a57dcb4de3cb40844a29c71b5d7b46a84334", "status": "affected", "versionType": "git"}, {"version": "fca839c00a12d682cb59b3b620d109a1d850b262", "lessThan": "ffb231471a407c96e114070bf828cd2378fdf431", "status": "affected", "versionType": "git"}, {"version": "fca839c00a12d682cb59b3b620d109a1d850b262", "lessThan": "de35994ecd2dd6148ab5a6c5050a1670a04dec77", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/workqueue.c"], "versions": [{"version": "4.5", "status": "affected"}, {"version": "0", "lessThan": "4.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.72", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.9", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/1fd2a57dcb4de3cb40844a29c71b5d7b46a84334"}, {"url": "https://git.kernel.org/stable/c/ffb231471a407c96e114070bf828cd2378fdf431"}, {"url": "https://git.kernel.org/stable/c/de35994ecd2dd6148ab5a6c5050a1670a04dec77"}], "title": "workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker\n\nAfter commit\n746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")\namdgpu started seeing the following warning:\n\n [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu]\n...\n [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched]\n...\n [ ] Call Trace:\n [ ] <TASK>\n...\n [ ] ? check_flush_dependency+0xf5/0x110\n...\n [ ] cancel_delayed_work_sync+0x6e/0x80\n [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu]\n [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu]\n [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu]\n [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched]\n [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu]\n [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched]\n [ ] process_one_work+0x217/0x720\n...\n [ ] </TASK>\n\nThe intent of the verifcation done in check_flush_depedency is to ensure\nforward progress during memory reclaim, by flagging cases when either a\nmemory reclaim process, or a memory reclaim work item is flushed from a\ncontext not marked as memory reclaim safe.\n\nThis is correct when flushing, but when called from the\ncancel(_delayed)_work_sync() paths it is a false positive because work is\neither already running, or will not be running at all. Therefore\ncancelling it is safe and we can relax the warning criteria by letting the\nhelper know of the calling context.\n\nReferences: 746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: workqueue: No advertir al cancelar el trabajo de WQ_MEM_RECLAIM del trabajador !WQ_MEM_RECLAIM Despu\u00e9s de la confirmaci\u00f3n 746ae46c1113 (\"drm/sched: Marcar las colas de trabajo del programador con WQ_MEM_RECLAIM\") amdgpu comenz\u00f3 a ver la siguiente advertencia: [ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu] ... [ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched] ... [ ] Call Trace: [ ] ... [ ] ? check_flush_dependency+0xf5/0x110 ... [ ] cancel_delayed_work_sync+0x6e/0x80 [ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu] [ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu] [ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu] [ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched] [ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu] [ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched] [ ] process_one_work+0x217/0x720 ... [ ] La intenci\u00f3n de la verificaci\u00f3n realizada en check_flush_depedency es asegurar el progreso hacia adelante durante la recuperaci\u00f3n de memoria, marcando los casos en los que un proceso de recuperaci\u00f3n de memoria o un elemento de trabajo de recuperaci\u00f3n de memoria se vac\u00edan de un contexto no marcado como seguro para la recuperaci\u00f3n de memoria. Esto es correcto durante el vaciado, pero cuando se llama desde las rutas cancel(_delayed)_work_sync() es un falso positivo porque el trabajo ya se est\u00e1 ejecutando o no se ejecutar\u00e1 en absoluto. Por lo tanto, cancelarlo es seguro y podemos relajar los criterios de advertencia informando al asistente del contexto de llamada. Referencias: 746ae46c1113 (\"drm/sched: Marcar las colas de trabajo del programador con WQ_MEM_RECLAIM\")"}], "id": "CVE-2024-57888", "lastModified": "2025-01-17T14:15:32.620", "metrics": {}, "published": "2025-01-15T13:15:13.240", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1fd2a57dcb4de3cb40844a29c71b5d7b46a84334"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/de35994ecd2dd6148ab5a6c5050a1670a04dec77"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ffb231471a407c96e114070bf828cd2378fdf431"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker", "id": "2338197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338197"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-833", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nworkqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker\nAfter commit\n746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")\namdgpu started seeing the following warning:\n[ ] workqueue: WQ_MEM_RECLAIM sdma0:drm_sched_run_job_work [gpu_sched] is flushing !WQ_MEM_RECLAIM events:amdgpu_device_delay_enable_gfx_off [amdgpu]\n...\n[ ] Workqueue: sdma0 drm_sched_run_job_work [gpu_sched]\n...\n[ ] Call Trace:\n[ ] <TASK>\n...\n[ ] ? check_flush_dependency+0xf5/0x110\n...\n[ ] cancel_delayed_work_sync+0x6e/0x80\n[ ] amdgpu_gfx_off_ctrl+0xab/0x140 [amdgpu]\n[ ] amdgpu_ring_alloc+0x40/0x50 [amdgpu]\n[ ] amdgpu_ib_schedule+0xf4/0x810 [amdgpu]\n[ ] ? drm_sched_run_job_work+0x22c/0x430 [gpu_sched]\n[ ] amdgpu_job_run+0xaa/0x1f0 [amdgpu]\n[ ] drm_sched_run_job_work+0x257/0x430 [gpu_sched]\n[ ] process_one_work+0x217/0x720\n...\n[ ] </TASK>\nThe intent of the verifcation done in check_flush_depedency is to ensure\nforward progress during memory reclaim, by flagging cases when either a\nmemory reclaim process, or a memory reclaim work item is flushed from a\ncontext not marked as memory reclaim safe.\nThis is correct when flushing, but when called from the\ncancel(_delayed)_work_sync() paths it is a false positive because work is\neither already running, or will not be running at all. Therefore\ncancelling it is safe and we can relax the warning criteria by letting the\nhelper know of the calling context.\nReferences: 746ae46c1113 (\"drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM\")"], "name": "CVE-2024-57888", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-57888\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-57888\nhttps://lore.kernel.org/linux-cve-announce/2025011511-CVE-2024-57888-0b38@gregkh/T"], "threat_severity": "Moderate"}