CVE-2024-57920: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: wq_release signals dma_fence only when available

kfd_process_wq_release() signals eviction fence by dma_fence_signal() which warns if dma_fence is NULL.

kfd_process->ef is initialized by kfd_process_device_init_vm() through ioctl. That means the fence is NULL for a newly created kfd_process, and closing a kfd_process right after opening it will trigger the warning.

This commit conditionally signals the eviction fence in kfd_process_wq_release() only when it is available.

[ 503.660882] WARNING: CPU: 0 PID: 9 at drivers/dma-buf/dma-fence.c:467 dma_fence_signal+0x74/0xa0
[ 503.782940] Workqueue: kfd_process_wq kfd_process_wq_release [amdgpu]
[ 503.789640] RIP: 0010:dma_fence_signal+0x74/0xa0
[ 503.877620] Call Trace:
[ 503.880066] <TASK>
[ 503.882168] ? __warn+0xcd/0x260
[ 503.885407] ? dma_fence_signal+0x74/0xa0
[ 503.889416] ? report_bug+0x288/0x2d0
[ 503.893089] ? handle_bug+0x53/0xa0
[ 503.896587] ? exc_invalid_op+0x14/0x50
[ 503.900424] ? asm_exc_invalid_op+0x16/0x20
[ 503.904616] ? dma_fence_signal+0x74/0xa0
[ 503.908626] kfd_process_wq_release+0x6b/0x370 [amdgpu]
[ 503.914081] process_one_work+0x654/0x10a0
[ 503.918186] worker_thread+0x6c3/0xe70
[ 503.921943] ? srso_alias_return_thunk+0x5/0xfbef5
[ 503.926735] ? srso_alias_return_thunk+0x5/0xfbef5
[ 503.931527] ? __kthread_parkme+0x82/0x140
[ 503.935631] ? __pfx_worker_thread+0x10/0x10
[ 503.939904] kthread+0x2a8/0x380
[ 503.943132] ? __pfx_kthread+0x10/0x10
[ 503.946882] ret_from_fork+0x2d/0x70
[ 503.950458] ? __pfx_kthread+0x10/0x10
[ 503.954210] ret_from_fork_asm+0x1a/0x30
[ 503.958142] </TASK>
[ 503.960328] ---[ end trace 0000000000000000 ]---

(cherry picked from commit 2774ef7625adb5fb9e9265c26a59dca7b8fd171e)
AI Analysis
Technical Summary
CVE-2024-57920 is a vulnerability identified in the Linux kernel, specifically within the AMD GPU driver subsystem (amdkfd). The issue arises in the workqueue release function kfd_process_wq_release(), which is responsible for signaling a DMA fence used for synchronization of GPU memory eviction events. The vulnerability is due to the function dma_fence_signal() being called without verifying if the dma_fence pointer is NULL. This occurs because the eviction fence (kfd_process->ef) is initialized only by kfd_process_device_init_vm(), which runs in response to an ioctl, meaning that a newly created kfd_process has a NULL eviction fence. If a kfd_process is closed immediately after opening, the dma_fence_signal() function is called with a NULL pointer, triggering a kernel warning and potentially causing instability or a kernel crash. The patch conditionally signals the eviction fence only when it is available, preventing the NULL pointer dereference.

This vulnerability is a logic flaw in the driver’s handling of process lifecycle events and synchronization fences, leading to a potential denial of service (DoS) via kernel warnings or crashes. Although no known exploits are reported in the wild, the issue affects Linux kernel versions containing the affected commit hashes and impacts systems using AMD GPU drivers with the amdkfd module.
Potential Impact
For European organizations, this vulnerability primarily poses a risk of local denial of service on Linux systems utilizing AMD GPUs, particularly in environments where GPU compute workloads are common, such as scientific research, media production, and cloud infrastructure providers. A kernel warning or crash could disrupt critical services, cause system instability, or require reboots, impacting availability. Confidentiality and integrity impacts are minimal since the flaw is a NULL pointer dereference rather than a privilege escalation or code execution vulnerability. However, in multi-tenant or shared environments, repeated triggering could be used to degrade service reliability. Organizations relying on Linux servers with AMD GPUs for compute tasks or graphical workloads should be aware of this issue. The vulnerability does not require remote exploitation or user interaction but does require the ability to open and close kfd_processes, which may be limited to local users or processes with specific privileges. Thus, the threat is more significant in environments where untrusted users have local access or where automated processes might inadvertently trigger the flaw.
Mitigation Recommendations
To mitigate CVE-2024-57920, European organizations should:
1) Apply the latest Linux kernel updates that include the patch fixing the conditional signaling of the eviction fence in the amdkfd driver.
2) Restrict local user access to systems with AMD GPUs to trusted personnel only, minimizing the risk of accidental or malicious triggering of the vulnerability.
3) Monitor kernel logs for warnings related to dma_fence_signal or amdkfd workqueue releases, which could indicate attempts to trigger the flaw.
4) In environments where kernel updates are delayed, consider disabling or unloading the amdkfd module if GPU compute workloads are not required, to reduce attack surface.
5) For critical systems, implement kernel live patching solutions if available to apply the fix without downtime.
6) Review and harden access controls around ioctl calls related to kfd_process_device_init_vm to prevent unauthorized manipulation of GPU process lifecycles.
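One way to implement the log monitoring in recommendation 3, keyed to the trace quoted in the description. This is an added example, not code from the kernel project or from this page's author; the function name, the returned fields and the second sample warning are assumptions made for illustration.

```python
import re

# Optional dmesg-style "[ seconds.micros]" prefix; other prefixes stay in the body.
TS = re.compile(r"^\[\s*(\d+\.\d+)\]\s*(.*)$")
# The source line number is not matched: it differs between kernel versions.
WARN = re.compile(r"WARNING: CPU: \d+ PID: (\d+) at (\S+):\d+ (\w+)\+")

# Constructed sample: an abridged copy of the trace quoted in the description,
# then a made-up dma_fence_signal warning from an unrelated workqueue.
SAMPLE_LOG = """\
[ 503.660882] WARNING: CPU: 0 PID: 9 at drivers/dma-buf/dma-fence.c:467 dma_fence_signal+0x74/0xa0
[ 503.782940] Workqueue: kfd_process_wq kfd_process_wq_release [amdgpu]
[ 503.908626] kfd_process_wq_release+0x6b/0x370 [amdgpu]
[ 503.960328] ---[ end trace 0000000000000000 ]---
[ 611.000001] WARNING: CPU: 2 PID: 77 at drivers/dma-buf/dma-fence.c:467 dma_fence_signal+0x74/0xa0
[ 611.000002] Workqueue: events hypothetical_other_work
[ 611.000003] ---[ end trace 0000000000000000 ]---
"""

def find_kfd_fence_warnings(log_text):
    """Return one dict per dma_fence_signal() WARN raised via kfd_process_wq_release."""
    hits, cur = [], None

    def flush():
        nonlocal cur
        if cur and cur["func"] == "dma_fence_signal" and cur["kfd"]:
            hits.append({"time": cur["time"], "pid": cur["pid"]})
        cur = None

    for line in log_text.splitlines():
        m = TS.match(line)
        stamp, body = (float(m.group(1)), m.group(2)) if m else (None, line)
        w = WARN.search(body)
        if w:
            flush()  # the previous splat may have lost its end marker
            cur = {"time": stamp, "pid": int(w.group(1)), "func": w.group(3), "kfd": False}
        elif cur is not None:
            if "kfd_process_wq_release" in body:
                cur["kfd"] = True
            if "---[ end trace" in body:
                flush()
    flush()  # log cut off mid-trace
    return hits

if __name__ == "__main__":
    for hit in find_kfd_fence_warnings(SAMPLE_LOG):
        print(f"dma_fence_signal WARN via kfd_process_wq_release at {hit['time']}s, pid {hit['pid']}")
```

The reported PID is that of the kernel worker thread running the release work, not of the process that opened and closed the KFD device, so attribution needs separate audit data.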
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-01-19T11:50:08.375Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9823c4522896dcbdea44
Added to database: 5/21/2025, 9:08:51 AM
Last enriched: 6/28/2025, 8:56:40 AM
Last updated: 7/29/2025, 3:15:36 AM