CVE-2024-58091 Information

Description

In the Linux kernel the following vulnerability has been resolved:

drm/fbdev-dma: Add shadow buffering for deferred I/O

DMA areas are not necessarily backed by struct page so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it as framebuffer memory.

Fixes driver errors about being �nable to handle kernel NULL pointer dereference at virtual address\ or �nable to handle kernel paging request at virtual address.

The patch splits drm_fbdev_dma_driver_fbdev_probe() in an initial allocation which creates the DMA-backed buffer object and a tail that sets up the fbdev data structures. There is a tail function for direct memory mappings and a tail function for deferred I/O with the shadow buffer.

It is no longer possible to use deferred I/O without shadow buffer. It can be re-added if there exists a reliably test for usable struct page in the allocated DMA-backed buffer object.

Reference

https://git.kernel.org/stable/c/3603996432997f7c88da37a97062a46cda01ac9d https://git.kernel.org/stable/c/cdc581169942de3b9e2648cfbd98c5ff9111c2c8