
CVE-2024-57918: Vulnerability in Linux Linux

Medium
Published: Sun Jan 19 2025 (01/19/2025, 11:52:38 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: fix page fault due to max surface definition mismatch

DC driver is using two different values to define the maximum number of surfaces: MAX_SURFACES and MAX_SURFACE_NUM. Consolidate MAX_SURFACES as the unique definition for surface updates across DC.

It fixes page fault faced by Cosmic users on AMD display versions that support two overlay planes, since the introduction of cursor overlay mode.

[Nov26 21:33] BUG: unable to handle page fault for address: 0000000051d0f08b
[ +0.000015] #PF: supervisor read access in kernel mode
[ +0.000006] #PF: error_code(0x0000) - not-present page
[ +0.000005] PGD 0 P4D 0
[ +0.000007] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
[ +0.000006] CPU: 4 PID: 71 Comm: kworker/u32:6 Not tainted 6.10.0+ #300
[ +0.000006] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024
[ +0.000007] Workqueue: events_unbound commit_work [drm_kms_helper]
[ +0.000040] RIP: 0010:copy_stream_update_to_stream.isra.0+0x30d/0x750 [amdgpu]
[ +0.000847] Code: 8b 10 49 89 94 24 f8 00 00 00 48 8b 50 08 49 89 94 24 00 01 00 00 8b 40 10 41 89 84 24 08 01 00 00 49 8b 45 78 48 85 c0 74 0b <0f> b6 00 41 88 84 24 90 64 00 00 49 8b 45 60 48 85 c0 74 3b 48 8b
[ +0.000010] RSP: 0018:ffffc203802f79a0 EFLAGS: 00010206
[ +0.000009] RAX: 0000000051d0f08b RBX: 0000000000000004 RCX: ffff9f964f0a8070
[ +0.000004] RDX: ffff9f9710f90e40 RSI: ffff9f96600c8000 RDI: ffff9f964f000000
[ +0.000004] RBP: ffffc203802f79f8 R08: 0000000000000000 R09: 0000000000000000
[ +0.000005] R10: 0000000000000000 R11: 0000000000000000 R12: ffff9f96600c8000
[ +0.000004] R13: ffff9f9710f90e40 R14: ffff9f964f000000 R15: ffff9f96600c8000
[ +0.000004] FS: 0000000000000000(0000) GS:ffff9f9970000000(0000) knlGS:0000000000000000
[ +0.000005] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ +0.000005] CR2: 0000000051d0f08b CR3: 00000002e6a20000 CR4: 0000000000350ef0
[ +0.000005] Call Trace:
[ +0.000011] <TASK>
[ +0.000010] ? __die_body.cold+0x19/0x27
[ +0.000012] ? page_fault_oops+0x15a/0x2d0
[ +0.000014] ? exc_page_fault+0x7e/0x180
[ +0.000009] ? asm_exc_page_fault+0x26/0x30
[ +0.000013] ? copy_stream_update_to_stream.isra.0+0x30d/0x750 [amdgpu]
[ +0.000739] ? dc_commit_state_no_check+0xd6c/0xe70 [amdgpu]
[ +0.000470] update_planes_and_stream_state+0x49b/0x4f0 [amdgpu]
[ +0.000450] ? srso_return_thunk+0x5/0x5f
[ +0.000009] ? commit_minimal_transition_state+0x239/0x3d0 [amdgpu]
[ +0.000446] update_planes_and_stream_v2+0x24a/0x590 [amdgpu]
[ +0.000464] ? srso_return_thunk+0x5/0x5f
[ +0.000009] ? sort+0x31/0x50
[ +0.000007] ? amdgpu_dm_atomic_commit_tail+0x159f/0x3a30 [amdgpu]
[ +0.000508] ? srso_return_thunk+0x5/0x5f
[ +0.000009] ? amdgpu_crtc_get_scanout_position+0x28/0x40 [amdgpu]
[ +0.000377] ? srso_return_thunk+0x5/0x5f
[ +0.000009] ? drm_crtc_vblank_helper_get_vblank_timestamp_internal+0x160/0x390 [drm]
[ +0.000058] ? srso_return_thunk+0x5/0x5f
[ +0.000005] ? dma_fence_default_wait+0x8c/0x260
[ +0.000010] ? srso_return_thunk+0x5/0x5f
[ +0.000005] ? wait_for_completion_timeout+0x13b/0x170
[ +0.000006] ? srso_return_thunk+0x5/0x5f
[ +0.000005] ? dma_fence_wait_timeout+0x108/0x140
[ +0.000010] ? commit_tail+0x94/0x130 [drm_kms_helper]
[ +0.000024] ? process_one_work+0x177/0x330
[ +0.000008] ? worker_thread+0x266/0x3a0
[ +0.000006] ? __pfx_worker_thread+0x10/0x10
[ +0.000004] ? kthread+0xd2/0x100
[ +0.000006] ? __pfx_kthread+0x10/0x10
[ +0.000006] ? ret_from_fork+0x34/0x50
[ +0.000004] ? __pfx_kthread+0x10/0x10
[ +0.000005] ? ret_from_fork_asm+0x1a/0x30
[ +0.000011] </TASK>

(cherry picked from commit 1c86c81a86c60f9b15d3e3f43af0363cf56063e7)

AI-Powered Analysis

Last updated: 06/28/2025, 08:56:21 UTC

Technical Analysis

CVE-2024-57918 is a vulnerability in the Linux kernel, specifically in the AMD display driver component of the Direct Rendering Manager (DRM) subsystem. The flaw arises from inconsistent definitions of the maximum number of surfaces used by the Display Core (DC) driver: two different constants, MAX_SURFACES and MAX_SURFACE_NUM, were used to define this limit. The mismatch can cause a page fault in kernel mode when the driver updates display surfaces, affecting AMD display versions that support two overlay planes since the introduction of cursor overlay mode. The vulnerability manifests as a kernel page fault (#PF) on a supervisor read access to a not-present page, resulting in an 'Oops' and a potential kernel crash. The kernel log shows the fault in the function copy_stream_update_to_stream in the amdgpu driver, reached while committing display state changes. The logged fault was captured on Valve Jupiter hardware running Linux kernel version 6.10.0+, and the fix description attributes the instability to Cosmic users on the affected AMD display versions. The root cause was addressed by consolidating the surface limit definitions into a single consistent value (MAX_SURFACES), which removes the mismatch and the resulting page fault. There are no known exploits in the wild, and no CVSS score has been assigned yet. The fault occurs in kernel context and is triggered by display driver operations, implying no direct remote exploitation without prior system access.

Potential Impact

For European organizations, this vulnerability primarily threatens system stability and availability on Linux systems utilizing AMD GPUs with affected drivers. Organizations relying on Linux servers or workstations with AMD graphics hardware, especially those using overlay planes or cursor overlay modes, may experience kernel crashes leading to service interruptions or system reboots. This can impact critical infrastructure, development environments, or any graphical workloads dependent on AMD GPUs. Although the vulnerability does not directly expose confidentiality or integrity risks, repeated kernel faults could lead to denial of service conditions, affecting operational continuity. In environments where Linux is used for workstation graphics or specialized computing (e.g., media production, scientific visualization), this could degrade productivity. The lack of remote exploitability limits the threat to local or privileged users, but insider threats or compromised systems could trigger the fault to cause disruption. European organizations with high reliance on Linux AMD GPU systems should prioritize patching to maintain system reliability.

Mitigation Recommendations

1. Apply the official Linux kernel patches that consolidate the MAX_SURFACES definitions and fix the page fault issue. Ensure kernel versions are updated to include the commit referenced (commit 1c86c81a86c60f9b15d3e3f43af0363cf56063e7) or later stable releases containing the fix.
2. For organizations unable to immediately update kernels, consider disabling features related to overlay planes or cursor overlay modes in the AMD GPU driver configuration to reduce the risk of triggering the fault.
3. Monitor system logs for kernel page faults or Oops messages related to amdgpu and drm_kms_helper components to detect potential triggering of this vulnerability.
4. Limit local user privileges to prevent unauthorized triggering of kernel-level faults via display driver operations.
5. In virtualized or containerized environments, ensure that AMD GPU passthrough or sharing configurations are updated and tested with patched kernels.
6. Coordinate with hardware vendors (e.g., AMD, Valve) for firmware or driver updates that complement kernel fixes.
7. Maintain robust backup and recovery procedures to mitigate impact from unexpected system crashes.
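
One way to implement the log monitoring in item 3, keyed to the oops signature described in the Technical Analysis. This is an added example, not code from the kernel project or from this database; the function names, triage labels and the second sample oops (in a hypothetical module) are assumptions made for illustration.

```python
import re

# Signature fields come from the oops quoted in the CVE description.
FAULT_RE = re.compile(r"BUG: unable to handle page fault for address: ([0-9a-f]+)")
SYM_RE = re.compile(r"([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")

def find_page_faults(lines):
    """Group kernel log lines into one report per page-fault oops."""
    reports, cur = [], None
    for line in lines:
        m = FAULT_RE.search(line)
        if m:
            cur = {"address": m.group(1), "rip": None, "frames": []}
            reports.append(cur)
        elif cur is not None:
            m = SYM_RE.search(line)
            if m and "RIP:" in line:
                cur["rip"] = cur["rip"] or m.groups()  # keep the first RIP line
            elif m:
                cur["frames"].append(m.groups())       # (symbol, module or None)
            if "</TASK>" in line:
                cur = None                              # call trace finished
    return reports

def classify(report):
    """Triage label: exact signature, other amdgpu display fault, or unrelated."""
    sym, mod = report["rip"] or ("", None)
    if mod == "amdgpu" and sym.startswith("copy_stream_update_to_stream"):
        return "cve-2024-57918-signature"
    modules = {mod} | {m for _, m in report["frames"]}
    if modules & {"amdgpu", "drm_kms_helper"}:
        return "amdgpu-display-fault"
    return "unrelated"

# Constructed sample: the first oops is abridged from the trace on this page,
# the second is an invented fault in a hypothetical module, for contrast.
SAMPLE = """\
[Nov26 21:33] BUG: unable to handle page fault for address: 0000000051d0f08b
[ +0.000007] Workqueue: events_unbound commit_work [drm_kms_helper]
[ +0.000040] RIP: 0010:copy_stream_update_to_stream.isra.0+0x30d/0x750 [amdgpu]
[ +0.000011] <TASK>
[ +0.000470] update_planes_and_stream_state+0x49b/0x4f0 [amdgpu]
[ +0.000446] update_planes_and_stream_v2+0x24a/0x590 [amdgpu]
[ +0.000010] ? commit_tail+0x94/0x130 [drm_kms_helper]
[ +0.000011] </TASK>
[ +1.000000] BUG: unable to handle page fault for address: ffffffffdeadbeef
[ +0.000010] RIP: 0010:example_fn+0x10/0x40 [example_mod]
[ +0.000010] </TASK>
""".splitlines()

if __name__ == "__main__":
    for r in find_page_faults(SAMPLE):
        print(r["address"], r["rip"], classify(r))
```

A signature match means the fault landed in the same amdgpu function as the reported trace; whether the running kernel already carries the fix still has to be checked separately.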


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-01-19T11:50:08.375Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9823c4522896dcbdea38

Added to database: 5/21/2025, 9:08:51 AM

Last enriched: 6/28/2025, 8:56:21 AM

Last updated: 8/17/2025, 6:46:15 AM
