{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-27400", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:47:42.681Z", "datePublished": "2024-05-13T10:26:13.504Z", "dateUpdated": "2025-05-04T12:55:33.172Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:55:33.172Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\n\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\n\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\n\nAlso rework the statistic handling so that we don't update the eviction\ncounter before the move.\n\nv2: add missing NULL check"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/amdgpu/amdgpu_object.c", "drivers/gpu/drm/amd/amdgpu/amdgpu_object.h", "drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"], "versions": [{"version": "d443fb67ca5ab04760449d21ddea66f6728e5b00", "lessThan": "5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be", "status": "affected", "versionType": "git"}, {"version": "e7a0ee45c653784edda5e36bae6ae3c75fd5e7a8", "lessThan": "0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d", "status": "affected", "versionType": "git"}, {"version": "94aeb4117343d072e3a35b9595bcbfc0058ee724", "lessThan": "9a4f6e138720b6e9adf7b82a71d0292f3f276480", "status": "affected", "versionType": "git"}, {"version": "94aeb4117343d072e3a35b9595bcbfc0058ee724", "lessThan": "d3a9331a6591e9df64791e076f6591f440af51c3", "status": "affected", "versionType": "git"}, {"version": "77bcd4ab446fa35ad135b1c7404415ed9a129296", "status": "affected", "versionType": "git"}, {"version": "1cd2b612474c07b17a21e27f2eed8dff75cb5057", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/amd/amdgpu/amdgpu_object.c", "drivers/gpu/drm/amd/amdgpu/amdgpu_object.h", "drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"], "versions": [{"version": "6.8", "status": "affected"}, {"version": "0", "lessThan": "6.8", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.91", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.31", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.10", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.77", "versionEndExcluding": "6.1.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.16", "versionEndExcluding": "6.6.31"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.8.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8", "versionEndExcluding": "6.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.149"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be"}, {"url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d"}, {"url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480"}, {"url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3"}], "title": "drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:52.126Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27400", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:43:22.534105Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:26.518Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:34:52.126Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27400", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:43:22.534105Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.685Z"}}], "cna": {"title": "drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "d443fb67ca5ab04760449d21ddea66f6728e5b00", "lessThan": "5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be", "versionType": "git"}, {"status": "affected", "version": "e7a0ee45c653784edda5e36bae6ae3c75fd5e7a8", "lessThan": "0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d", "versionType": "git"}, {"status": "affected", "version": "94aeb4117343d072e3a35b9595bcbfc0058ee724", "lessThan": "9a4f6e138720b6e9adf7b82a71d0292f3f276480", "versionType": "git"}, {"status": "affected", "version": "94aeb4117343d072e3a35b9595bcbfc0058ee724", "lessThan": "d3a9331a6591e9df64791e076f6591f440af51c3", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/amd/amdgpu/amdgpu_object.c", "drivers/gpu/drm/amd/amdgpu/amdgpu_object.h", "drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.8"}, {"status": "unaffected", "version": "0", "lessThan": "6.8", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.91", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.31", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.10", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/amd/amdgpu/amdgpu_object.c", "drivers/gpu/drm/amd/amdgpu/amdgpu_object.h", "drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be"}, {"url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d"}, {"url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480"}, {"url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\n\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\n\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\n\nAlso rework the statistic handling so that we don't update the eviction\ncounter before the move.\n\nv2: add missing NULL check"}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:54:17.890Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27400", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:54:17.890Z", "dateReserved": "2024-02-25T13:47:42.681Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-13T10:26:13.504Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\n\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\n\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\n\nAlso rework the statistic handling so that we don't update the eviction\ncounter before the move.\n\nv2: add missing NULL check"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amdgpu: una vez m\u00e1s corrige la llamada oder en amdgpu_ttm_move() v2. Esto revierte drm/amdgpu: corrige el evento ftrace amdgpu_bo_move siempre se mueve en el mismo mont\u00f3n. El problema b\u00e1sico aqu\u00ed es que despu\u00e9s de la mudanza, la antigua ubicaci\u00f3n simplemente ya no est\u00e1 disponible. Se sugirieron algunas correcciones, pero esencialmente deber\u00edamos llamar a la notificaci\u00f3n de movimiento antes de mover cosas porque solo as\u00ed tenemos el orden correcto para las notificaciones de movimiento de DMA-buf y VM tambi\u00e9n. Tambi\u00e9n modifique el manejo de estad\u00edsticas para que no actualicemos el contador de desalojo antes de la mudanza. v2: agregar verificaci\u00f3n NULL faltante"}], "id": "CVE-2024-27400", "lastModified": "2024-11-21T09:04:32.260", "metrics": {}, "published": "2024-05-14T15:12:29.260", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/0c7ed3ed35eec9138b88d42217b5a6b9a62bda4d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/5c25b169f9a0b34ee410891a96bc9d7b9ed6f9be"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/9a4f6e138720b6e9adf7b82a71d0292f3f276480"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/d3a9331a6591e9df64791e076f6591f440af51c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/DW2MIOIMOFUSNLHLRYX23AFR36BMKD65/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/OTB4HWU2PTVW5NEYHHLOCXDKG3PYA534/"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2", "id": "2280460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280460"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\nAlso rework the statistic handling so that we don't update the eviction\ncounter before the move.\nv2: add missing NULL check", "A vulnerability was found in the AMDGPU driver, the`amdgpu_ttm_move()` function, within the Linux kernel. This issue, resolved in version updates, involved a flaw in handling memory moves for GPU resources, which led to undefined behavior and potential system instability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-27400", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-27400\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-27400\nhttps://lore.kernel.org/linux-cve-announce/2024051317-CVE-2024-27400-3b00@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}