Linux Kernel up to 5.15.164/6.1.103/6.6.44/6.10.3 vmwgfx deadlock
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.5 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Linux Kernel up to 5.15.164/6.1.103/6.6.44/6.10.3. It has been rated as critical. Affected by this issue is some unknown functionality of the component vmwgfx. Performing a manipulation results in deadlock. This vulnerability is identified as CVE-2024-43863. There is not any exploit available. Upgrading the affected component is advised.
Details
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.164/6.1.103/6.6.44/6.10.3. This affects an unknown function of the component vmwgfx. The manipulation with an unknown input leads to a deadlock vulnerability. CWE is classifying the issue as CWE-833. The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock. This is going to have an impact on availability. The summary by CVE is:
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll->fence wait->fence unref deadlocks. vmwgfx overwrites the wait callback to iterate over the list of all fences and update their status, to do that it holds a lock to prevent the list modifcations from other threads. The fence destroy callback both deletes the fence and removes it from the list of pending fences, for which it holds a lock. dma buf polling cb unrefs a fence after it's been signaled: so the poll calls the wait, which signals the fences, which are being destroyed. The destruction tries to acquire the lock on the pending fences list which it can never get because it's held by the wait from which it was called. Old bug, but not a lot of userspace apps were using dma-buf polling interfaces. Fix those, in particular this fixes KDE stalls/deadlock.
It is possible to read the advisory at git.kernel.org. This vulnerability is uniquely identified as CVE-2024-43863 since 08/17/2024. The technical details are unknown and an exploit is not publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 208816 (CBL Mariner 2.0 Security Update: kernel (CVE-2024-43863)), which helps to determine the existence of the flaw in a target environment.
Upgrading to version 5.15.165, 6.1.104, 6.6.45 or 6.10.4 eliminates this vulnerability. Applying the patch 9e20d028d8d1/3b933b16c996/a8943969f9ea/c98ab18b9f31/e58337100721 is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
The vulnerability is also documented in the databases at Tenable (208816) and CERT Bund (WID-SEC-2024-1888). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Affected
- Debian Linux
- Amazon Linux 2
- Red Hat Enterprise Linux
- Ubuntu Linux
- SUSE Linux
- IBM InfoSphere Guardium
- Oracle Linux
- Kyocera Printer
- IBM Security Guardium
- RESF Rocky Linux
- Broadcom Brocade SANnav
- Open Source Linux Kernel
- IBM QRadar SIEM
- IBM DB2
- Dell PowerProtect Data Domain
- Dell PowerProtect Data Domain Management Center
- Dell PowerProtect Data Domain OS
- Dell Secure Connect Gateway
Product
Type
Vendor
Name
Version
- 5.15.164
- 6.1.103
- 6.6.0
- 6.6.1
- 6.6.2
- 6.6.3
- 6.6.4
- 6.6.5
- 6.6.6
- 6.6.7
- 6.6.8
- 6.6.9
- 6.6.10
- 6.6.11
- 6.6.12
- 6.6.13
- 6.6.14
- 6.6.15
- 6.6.16
- 6.6.17
- 6.6.18
- 6.6.19
- 6.6.20
- 6.6.21
- 6.6.22
- 6.6.23
- 6.6.24
- 6.6.25
- 6.6.26
- 6.6.27
- 6.6.28
- 6.6.29
- 6.6.30
- 6.6.31
- 6.6.32
- 6.6.33
- 6.6.34
- 6.6.35
- 6.6.36
- 6.6.37
- 6.6.38
- 6.6.39
- 6.6.40
- 6.6.41
- 6.6.42
- 6.6.43
- 6.6.44
- 6.10.0
- 6.10.1
- 6.10.2
- 6.10.3
License
Website
- Vendor: https://www.kernel.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.6VulDB Meta Temp Score: 5.5
VulDB Base Score: 5.7
VulDB Temp Score: 5.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 5.5
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: DeadlockCWE: CWE-833 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 208816
Nessus Name: CBL Mariner 2.0 Security Update: kernel (CVE-2024-43863)
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Kernel 5.15.165/6.1.104/6.6.45/6.10.4
Patch: 9e20d028d8d1/3b933b16c996/a8943969f9ea/c98ab18b9f31/e58337100721
Timeline
08/17/2024 🔍08/21/2024 🔍
08/21/2024 🔍
02/17/2026 🔍
Sources
Vendor: kernel.orgAdvisory: git.kernel.org
Status: Confirmed
CVE: CVE-2024-43863 (🔍)
GCVE (CVE): GCVE-0-2024-43863
GCVE (VulDB): GCVE-100-275331
CERT Bund: WID-SEC-2024-1888 - Linux Kernel: Mehrere Schwachstellen
Entry
Created: 08/21/2024 07:29Updated: 02/17/2026 22:10
Changes: 08/21/2024 07:29 (58), 08/22/2024 06:42 (1), 09/04/2024 03:58 (10), 10/13/2024 15:02 (2), 02/17/2026 22:10 (7)
Complete: 🔍
Cache ID: 216::103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.