CVE-2024-56542: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a memleak issue when driver is removed Running "modprobe amdgpu" the second time (followed by a modprobe -r amdgpu) causes a call trace like: [ 845.212163] Memory manager not clean during takedown. [ 845.212170] WARNING: CPU: 4 PID: 2481 at drivers/gpu/drm/drm_mm.c:999 drm_mm_takedown+0x2b/0x40 [ 845.212177] Modules linked in: amdgpu(OE-) amddrm_ttm_helper(OE) amddrm_buddy(OE) amdxcp(OE) amd_sched(OE) drm_exec drm_suballoc_helper drm_display_helper i2c_algo_bit amdttm(OE) amdkcl(OE) cec rc_core sunrpc qrtr intel_rapl_msr intel_rapl_common snd_hda_codec_hdmi edac_mce_amd snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_usb_audio snd_hda_codec snd_usbmidi_lib kvm_amd snd_hda_core snd_ump mc snd_hwdep kvm snd_pcm snd_seq_midi snd_seq_midi_event irqbypass crct10dif_pclmul snd_rawmidi polyval_clmulni polyval_generic ghash_clmulni_intel sha256_ssse3 sha1_ssse3 snd_seq aesni_intel crypto_simd snd_seq_device cryptd snd_timer mfd_aaeon asus_nb_wmi eeepc_wmi joydev asus_wmi snd ledtrig_audio sparse_keymap ccp wmi_bmof input_leds k10temp i2c_piix4 platform_profile rapl soundcore gpio_amdpt mac_hid binfmt_misc msr parport_pc ppdev lp parport efi_pstore nfnetlink dmi_sysfs ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj hid_generic usbhid hid ahci xhci_pci igc crc32_pclmul libahci xhci_pci_renesas video [ 845.212284] wmi [last unloaded: amddrm_ttm_helper(OE)] [ 845.212290] CPU: 4 PID: 2481 Comm: modprobe Tainted: G W OE 6.8.0-31-generic #31-Ubuntu [ 845.212296] RIP: 0010:drm_mm_takedown+0x2b/0x40 [ 845.212300] Code: 1f 44 00 00 48 8b 47 38 48 83 c7 38 48 39 f8 75 09 31 c0 31 ff e9 90 2e 86 00 55 48 c7 c7 d0 f6 8e 8a 48 89 e5 e8 f5 db 45 ff <0f> 0b 5d 31 c0 31 ff e9 74 2e 86 00 66 0f 1f 84 00 00 00 00 00 90 [ 845.212302] RSP: 0018:ffffb11302127ae0 EFLAGS: 00010246 [ 845.212305] RAX: 0000000000000000 RBX: ffff92aa5020fc08 RCX: 0000000000000000 [ 845.212307] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 845.212309] RBP: ffffb11302127ae0 R08: 0000000000000000 R09: 0000000000000000 [ 845.212310] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 [ 845.212312] R13: ffff92aa50200000 R14: ffff92aa5020fb10 R15: ffff92aa5020faa0 [ 845.212313] FS: 0000707dd7c7c080(0000) GS:ffff92b93de00000(0000) knlGS:0000000000000000 [ 845.212316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 845.212318] CR2: 00007d48b0aee200 CR3: 0000000115a58000 CR4: 0000000000f50ef0 [ 845.212320] PKRU: 55555554 [ 845.212321] Call Trace: [ 845.212323] <TASK> [ 845.212328] ? show_regs+0x6d/0x80 [ 845.212333] ? __warn+0x89/0x160 [ 845.212339] ? drm_mm_takedown+0x2b/0x40 [ 845.212344] ? report_bug+0x17e/0x1b0 [ 845.212350] ? handle_bug+0x51/0xa0 [ 845.212355] ? exc_invalid_op+0x18/0x80 [ 845.212359] ? asm_exc_invalid_op+0x1b/0x20 [ 845.212366] ? drm_mm_takedown+0x2b/0x40 [ 845.212371] amdgpu_gtt_mgr_fini+0xa9/0x130 [amdgpu] [ 845.212645] amdgpu_ttm_fini+0x264/0x340 [amdgpu] [ 845.212770] amdgpu_bo_fini+0x2e/0xc0 [amdgpu] [ 845.212894] gmc_v12_0_sw_fini+0x2a/0x40 [amdgpu] [ 845.213036] amdgpu_device_fini_sw+0x11a/0x590 [amdgpu] [ 845.213159] amdgpu_driver_release_kms+0x16/0x40 [amdgpu] [ 845.213302] devm_drm_dev_init_release+0x5e/0x90 [ 845.213305] devm_action_release+0x12/0x30 [ 845.213308] release_nodes+0x42/0xd0 [ 845.213311] devres_release_all+0x97/0xe0 [ 845.213314] device_unbind_cleanup+0x12/0x80 [ 845.213317] device_release_driver_internal+0x230/0x270 [ 845.213319] ? srso_alias_return_thunk+0x5/0xfbef5 This is caused by lost memory during early init phase. First time driver is removed, memory is freed but when second time the driver is inserted, VBIOS dmub is not active, since the PSP policy is to retain the driver loaded version on subsequent warm boots. Hence, communication with VBIOS DMUB fails. Fix this by aborting further comm ---truncated---
AI Analysis
Technical Summary
CVE-2024-56542 is a vulnerability identified in the Linux kernel's AMD GPU driver subsystem, specifically within the Direct Rendering Manager (DRM) component for AMD graphics (amdgpu). The flaw relates to a memory leak issue that occurs when the amdgpu kernel module is removed and reinserted. The problem manifests during the driver's teardown phase, where memory allocated for GPU management structures is not properly freed on subsequent driver reloads. This leads to a call trace warning indicating that the memory manager is not clean during takedown, with kernel logs showing a stack trace in the drm_mm_takedown function. The root cause is linked to the VBIOS DMUB (Display Microcontroller Unit BIOS) communication failure during the second initialization of the driver. The PSP (Platform Security Processor) policy retains the driver-loaded version across warm boots, causing the VBIOS DMUB to remain inactive on subsequent driver loads, which prevents proper communication and cleanup. This results in lost memory allocations during the early initialization phase that are not reclaimed, causing a memory leak. While the vulnerability does not appear to allow direct code execution or privilege escalation, it can degrade system stability and reliability by exhausting kernel memory resources over time, especially on systems that frequently reload the amdgpu driver. The issue affects Linux kernel versions containing the vulnerable amdgpu driver code referenced by the provided commit hashes. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2024-56542 primarily concerns systems running Linux with AMD GPUs, particularly in environments where the amdgpu driver is dynamically loaded and unloaded, such as in development, testing, or certain virtualization scenarios. The memory leak could lead to kernel memory exhaustion, causing system instability, crashes, or degraded performance. This may affect critical infrastructure relying on Linux servers or workstations with AMD graphics, including research institutions, media production companies, and enterprises using AMD-powered Linux desktops or servers. While the vulnerability does not directly expose confidential data or allow remote code execution, the resulting instability could disrupt business operations, cause downtime, and increase maintenance costs. Systems used in high-availability or real-time environments may be particularly sensitive to such disruptions. Given the widespread use of Linux across European public and private sectors, especially in countries with strong open-source adoption, the vulnerability poses a moderate operational risk if unmitigated.
Mitigation Recommendations
To mitigate CVE-2024-56542, organizations should apply the latest Linux kernel updates that include the patch fixing the amdgpu memory leak as soon as they become available from their Linux distribution vendors. Until patched, administrators should avoid repeatedly unloading and reloading the amdgpu driver module to prevent triggering the memory leak. Monitoring kernel logs for warnings related to drm_mm_takedown or amdgpu driver issues can help detect attempts to exploit or encounter this problem. For environments requiring frequent driver reloads, consider using alternative GPU drivers or hardware configurations that do not rely on the vulnerable amdgpu driver. Additionally, implementing kernel memory usage monitoring and alerting can provide early warning of memory leaks impacting system stability. In virtualized or containerized environments, isolating GPU resources and limiting driver reload operations can reduce exposure. Coordination with hardware vendors and Linux distribution maintainers is recommended to ensure timely patch deployment and validation.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain
CVE-2024-56542: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a memleak issue when driver is removed Running "modprobe amdgpu" the second time (followed by a modprobe -r amdgpu) causes a call trace like: [ 845.212163] Memory manager not clean during takedown. [ 845.212170] WARNING: CPU: 4 PID: 2481 at drivers/gpu/drm/drm_mm.c:999 drm_mm_takedown+0x2b/0x40 [ 845.212177] Modules linked in: amdgpu(OE-) amddrm_ttm_helper(OE) amddrm_buddy(OE) amdxcp(OE) amd_sched(OE) drm_exec drm_suballoc_helper drm_display_helper i2c_algo_bit amdttm(OE) amdkcl(OE) cec rc_core sunrpc qrtr intel_rapl_msr intel_rapl_common snd_hda_codec_hdmi edac_mce_amd snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_usb_audio snd_hda_codec snd_usbmidi_lib kvm_amd snd_hda_core snd_ump mc snd_hwdep kvm snd_pcm snd_seq_midi snd_seq_midi_event irqbypass crct10dif_pclmul snd_rawmidi polyval_clmulni polyval_generic ghash_clmulni_intel sha256_ssse3 sha1_ssse3 snd_seq aesni_intel crypto_simd snd_seq_device cryptd snd_timer mfd_aaeon asus_nb_wmi eeepc_wmi joydev asus_wmi snd ledtrig_audio sparse_keymap ccp wmi_bmof input_leds k10temp i2c_piix4 platform_profile rapl soundcore gpio_amdpt mac_hid binfmt_misc msr parport_pc ppdev lp parport efi_pstore nfnetlink dmi_sysfs ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj hid_generic usbhid hid ahci xhci_pci igc crc32_pclmul libahci xhci_pci_renesas video [ 845.212284] wmi [last unloaded: amddrm_ttm_helper(OE)] [ 845.212290] CPU: 4 PID: 2481 Comm: modprobe Tainted: G W OE 6.8.0-31-generic #31-Ubuntu [ 845.212296] RIP: 0010:drm_mm_takedown+0x2b/0x40 [ 845.212300] Code: 1f 44 00 00 48 8b 47 38 48 83 c7 38 48 39 f8 75 09 31 c0 31 ff e9 90 2e 86 00 55 48 c7 c7 d0 f6 8e 8a 48 89 e5 e8 f5 db 45 ff <0f> 0b 5d 31 c0 31 ff e9 74 2e 86 00 66 0f 1f 84 00 00 00 00 00 90 [ 845.212302] RSP: 0018:ffffb11302127ae0 EFLAGS: 00010246 [ 845.212305] RAX: 0000000000000000 RBX: ffff92aa5020fc08 RCX: 0000000000000000 [ 845.212307] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 845.212309] RBP: ffffb11302127ae0 R08: 0000000000000000 R09: 0000000000000000 [ 845.212310] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 [ 845.212312] R13: ffff92aa50200000 R14: ffff92aa5020fb10 R15: ffff92aa5020faa0 [ 845.212313] FS: 0000707dd7c7c080(0000) GS:ffff92b93de00000(0000) knlGS:0000000000000000 [ 845.212316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 845.212318] CR2: 00007d48b0aee200 CR3: 0000000115a58000 CR4: 0000000000f50ef0 [ 845.212320] PKRU: 55555554 [ 845.212321] Call Trace: [ 845.212323] <TASK> [ 845.212328] ? show_regs+0x6d/0x80 [ 845.212333] ? __warn+0x89/0x160 [ 845.212339] ? drm_mm_takedown+0x2b/0x40 [ 845.212344] ? report_bug+0x17e/0x1b0 [ 845.212350] ? handle_bug+0x51/0xa0 [ 845.212355] ? exc_invalid_op+0x18/0x80 [ 845.212359] ? asm_exc_invalid_op+0x1b/0x20 [ 845.212366] ? drm_mm_takedown+0x2b/0x40 [ 845.212371] amdgpu_gtt_mgr_fini+0xa9/0x130 [amdgpu] [ 845.212645] amdgpu_ttm_fini+0x264/0x340 [amdgpu] [ 845.212770] amdgpu_bo_fini+0x2e/0xc0 [amdgpu] [ 845.212894] gmc_v12_0_sw_fini+0x2a/0x40 [amdgpu] [ 845.213036] amdgpu_device_fini_sw+0x11a/0x590 [amdgpu] [ 845.213159] amdgpu_driver_release_kms+0x16/0x40 [amdgpu] [ 845.213302] devm_drm_dev_init_release+0x5e/0x90 [ 845.213305] devm_action_release+0x12/0x30 [ 845.213308] release_nodes+0x42/0xd0 [ 845.213311] devres_release_all+0x97/0xe0 [ 845.213314] device_unbind_cleanup+0x12/0x80 [ 845.213317] device_release_driver_internal+0x230/0x270 [ 845.213319] ? srso_alias_return_thunk+0x5/0xfbef5 This is caused by lost memory during early init phase. First time driver is removed, memory is freed but when second time the driver is inserted, VBIOS dmub is not active, since the PSP policy is to retain the driver loaded version on subsequent warm boots. Hence, communication with VBIOS DMUB fails. Fix this by aborting further comm ---truncated---
AI-Powered Analysis
Technical Analysis
CVE-2024-56542 is a vulnerability identified in the Linux kernel's AMD GPU driver subsystem, specifically within the Direct Rendering Manager (DRM) component for AMD graphics (amdgpu). The flaw relates to a memory leak issue that occurs when the amdgpu kernel module is removed and reinserted. The problem manifests during the driver's teardown phase, where memory allocated for GPU management structures is not properly freed on subsequent driver reloads. This leads to a call trace warning indicating that the memory manager is not clean during takedown, with kernel logs showing a stack trace in the drm_mm_takedown function. The root cause is linked to the VBIOS DMUB (Display Microcontroller Unit BIOS) communication failure during the second initialization of the driver. The PSP (Platform Security Processor) policy retains the driver-loaded version across warm boots, causing the VBIOS DMUB to remain inactive on subsequent driver loads, which prevents proper communication and cleanup. This results in lost memory allocations during the early initialization phase that are not reclaimed, causing a memory leak. While the vulnerability does not appear to allow direct code execution or privilege escalation, it can degrade system stability and reliability by exhausting kernel memory resources over time, especially on systems that frequently reload the amdgpu driver. The issue affects Linux kernel versions containing the vulnerable amdgpu driver code referenced by the provided commit hashes. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2024-56542 primarily concerns systems running Linux with AMD GPUs, particularly in environments where the amdgpu driver is dynamically loaded and unloaded, such as in development, testing, or certain virtualization scenarios. The memory leak could lead to kernel memory exhaustion, causing system instability, crashes, or degraded performance. This may affect critical infrastructure relying on Linux servers or workstations with AMD graphics, including research institutions, media production companies, and enterprises using AMD-powered Linux desktops or servers. While the vulnerability does not directly expose confidential data or allow remote code execution, the resulting instability could disrupt business operations, cause downtime, and increase maintenance costs. Systems used in high-availability or real-time environments may be particularly sensitive to such disruptions. Given the widespread use of Linux across European public and private sectors, especially in countries with strong open-source adoption, the vulnerability poses a moderate operational risk if unmitigated.
Mitigation Recommendations
To mitigate CVE-2024-56542, organizations should apply the latest Linux kernel updates that include the patch fixing the amdgpu memory leak as soon as they become available from their Linux distribution vendors. Until patched, administrators should avoid repeatedly unloading and reloading the amdgpu driver module to prevent triggering the memory leak. Monitoring kernel logs for warnings related to drm_mm_takedown or amdgpu driver issues can help detect attempts to exploit or encounter this problem. For environments requiring frequent driver reloads, consider using alternative GPU drivers or hardware configurations that do not rely on the vulnerable amdgpu driver. Additionally, implementing kernel memory usage monitoring and alerting can provide early warning of memory leaks impacting system stability. In virtualized or containerized environments, isolating GPU resources and limiting driver reload operations can reduce exposure. Coordination with hardware vendors and Linux distribution maintainers is recommended to ensure timely patch deployment and validation.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-12-27T14:03:05.988Z
- Cisa Enriched
- false
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9823c4522896dcbdf1a1
Added to database: 5/21/2025, 9:08:51 AM
Last enriched: 6/28/2025, 11:39:49 AM
Last updated: 8/2/2025, 12:56:17 PM
Views: 15
Related Threats
CVE-2025-8933: Cross Site Scripting in 1000 Projects Sales Management System
MediumCVE-2025-8932: SQL Injection in 1000 Projects Sales Management System
MediumCVE-2025-8931: SQL Injection in code-projects Medical Store Management System
MediumCVE-2025-8930: SQL Injection in code-projects Medical Store Management System
MediumCVE-2025-50610: n/a
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.