CVE-2024-47729 in Linux
Summary
by MITRE • 10/21/2024
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Use reserved copy engine for user binds on faulting devices
User binds map to engines which can fault, faults depend on user binds completion, thus we can deadlock. Avoid this by using reserved copy engine for user binds on faulting devices.
While we are here, normalize bind queue creation with a helper.
v2:
- Pass in extensions to bind queue creation (CI)
v3:
- s/resevered/reserved (Lucas)
- Fix NULL hwe check (Jonathan)
Analysis
by VulDB Data Team • 01/19/2026
CVE-2024-47729 affects the Linux kernel's graphics subsystem, specifically the display driver manager module for Intel graphics hardware. The flaw lives in the xe driver, which handles Intel's graphics processing units, and is a critical deadlock condition that can occur during memory management operations. It manifests when user-space applications bind memory pages to graphics engines while the device is in a faulting state: a circular dependency arises that prevents proper resource cleanup and stalls the device.
The technical flaw stems from a design inconsistency in how user-space memory bindings are handled by the driver's memory management. When the device encounters a fault, servicing that fault depends on the completion of outstanding user binds. Those user binds, however, are submitted to engines that can themselves fault, so they in turn cannot complete until the fault has been resolved. This dependency loop, which the analysis also describes as a fundamental race condition, results in a system deadlock that blocks further graphics operations and can lead to complete system hangs.
The operational impact goes beyond simple instability: the entire graphics subsystem, and every user application that depends on GPU acceleration, can be affected. Once the deadlock occurs, applications using the GPU may become unresponsive and the system may require a forced reboot to recover. The vulnerability affects systems running Linux kernels with Intel graphics hardware and can be exploited by malicious users or applications that trigger fault conditions during memory binding operations. This is a significant threat wherever graphics processing is critical to user experience and system functionality.
The fix introduces a reserved copy engine used specifically for user bind operations on faulting devices, which breaks the circular dependency behind the deadlock. This follows the principle of resource isolation: user-space operations can no longer interfere with the critical fault handling path. The change also normalizes bind queue creation through a helper function, which improves maintainability and reduces the likelihood of similar issues in the future. Later revisions of the patch additionally pass extensions into bind queue creation and correct the NULL hardware engine (hwe) check to prevent further edge-case failures. The fix aligns with security best practices by applying defensive programming and proper resource management to prevent system-level deadlocks and preserve the operational integrity of the graphics subsystem.
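As an added illustration, not code from the kernel or the xe driver, the following constructed Python model reproduces the wait-for cycle the commit message describes: a user bind queued on an engine that can fault cannot complete while that engine is stalled on a fault, and the fault cannot be serviced until the bind completes. Routing the bind to a reserved engine that cannot fault breaks the cycle. The engine names `copy_user` and `copy_reserved`, the job labels and the in-order scheduling are assumptions of the model.

```python
from collections import deque
# Constructed model of the dependency loop in the commit message; not the xe driver's code.
class Engine:
    def __init__(self, name, can_fault):
        self.name, self.can_fault = name, can_fault
        self.queue = deque()   # jobs submitted to this engine, executed in order
        self.stalled = False   # engine is blocked on an unserviced page fault

class Device:
    def __init__(self, use_reserved_engine):
        self.copy_user = Engine("copy_user", can_fault=True)          # hypothetical names
        self.copy_reserved = Engine("copy_reserved", can_fault=False)
        self.engines = [self.copy_user, self.copy_reserved]
        # The fix: on a faulting device, user binds are routed to the reserved copy engine
        self.bind_engine = self.copy_reserved if use_reserved_engine else self.copy_user
        self.pending_faults, self.faults_serviced = [], False

    def binds_outstanding(self):
        return any(job == "bind" for e in self.engines for job in e.queue)
    def step(self):
        progressed = False
        for e in self.engines:
            if e.stalled or not e.queue:
                continue
            if e.queue[0] == "work" and e.can_fault and not self.faults_serviced:
                e.stalled = True              # user work hit an unmapped page
                self.pending_faults.append(e)
            else:
                e.queue.popleft()             # bind (or non-faulting work) completes
            progressed = True
        # Fault service depends on every user bind having completed (faults depend on binds)
        if self.pending_faults and not self.binds_outstanding():
            while self.pending_faults:
                self.pending_faults.pop().stalled = False
            self.faults_serviced = progressed = True
        return progressed

    def run(self, max_steps=10):
        for _ in range(max_steps):
            if not any(e.queue for e in self.engines):
                return "completed"
            if not self.step():
                return "deadlock"             # nothing can make progress: wait-for cycle
        return "timeout"

def simulate(use_reserved_engine):
    dev = Device(use_reserved_engine)
    dev.copy_user.queue.append("work")        # user work that will page-fault
    dev.bind_engine.queue.append("bind")      # user bind submitted behind it
    return dev.run()
```

`simulate(False)` models the unfixed driver and ends in "deadlock"; `simulate(True)` models the reserved-engine fix and ends in "completed".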
This vulnerability relates to the CWE-367 Time-of-Check Time-of-Use (TOCTOU) and CWE-121 Heap-based Buffer Overflow categories, a classic resource management issue in which the timing and dependency of operations create exploitable conditions. The fix is consistent with the ATT&CK framework's privilege escalation and denial of service techniques in that it removes the specific deadlock condition that could be exploited to keep the system persistently unavailable. It demonstrates proper kernel security practice through isolation of critical operations and resource management that prevents cascading failures in the graphics subsystem.