{
  "threat_severity" : "Low",
  "public_date" : "2024-05-19T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: drm: Check output polling initialized before disabling",
    "id" : "2281526",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2281526"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ndrm: Check output polling initialized before disabling\nIn drm_kms_helper_poll_disable() check if output polling\nsupport is initialized before disabling polling. If not flag\nthis as a warning.\nAdditionally in drm_mode_config_helper_suspend() and\ndrm_mode_config_helper_resume() calls, that re the callers of these\nfunctions, avoid invoking them if polling is not initialized.\nFor drivers like hyperv-drm, that do not initialize connector\npolling, if suspend is called without this check, it leads to\nsuspend failure with following stack\n[  770.719392] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done.\n[  770.720592] printk: Suspending console(s) (use no_console_suspend to debug)\n[  770.948823] ------------[ cut here ]------------\n[  770.948824] WARNING: CPU: 1 PID: 17197 at kernel/workqueue.c:3162 __flush_work.isra.0+0x212/0x230\n[  770.948831] Modules linked in: rfkill nft_counter xt_conntrack xt_owner udf nft_compat crc_itu_t nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables nfnetlink vfat fat mlx5_ib ib_uverbs ib_core mlx5_core intel_rapl_msr intel_rapl_common kvm_amd ccp mlxfw kvm psample hyperv_drm tls drm_shmem_helper drm_kms_helper irqbypass pcspkr syscopyarea sysfillrect sysimgblt hv_balloon hv_utils joydev drm fuse xfs libcrc32c pci_hyperv pci_hyperv_intf sr_mod sd_mod cdrom t10_pi sg hv_storvsc scsi_transport_fc hv_netvsc serio_raw hyperv_keyboard hid_hyperv crct10dif_pclmul crc32_pclmul crc32c_intel hv_vmbus ghash_clmulni_intel dm_mirror dm_region_hash dm_log dm_mod\n[  770.948863] CPU: 1 PID: 17197 Comm: systemd-sleep Not tainted 5.14.0-362.2.1.el9_3.x86_64 #1\n[  770.948865] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[  770.948866] RIP: 0010:__flush_work.isra.0+0x212/0x230\n[  770.948869] Code: 8b 4d 00 4c 8b 45 08 89 ca 48 c1 e9 04 83 e2 08 83 e1 0f 83 ca 02 89 c8 48 0f ba 6d 00 03 e9 25 ff ff ff 0f 0b e9 4e ff ff ff <0f> 0b 45 31 ed e9 44 ff ff ff e8 8f 89 b2 00 66 66 2e 0f 1f 84 00\n[  770.948870] RSP: 0018:ffffaf4ac213fb10 EFLAGS: 00010246\n[  770.948871] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8c992857\n[  770.948872] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff9aad82b00330\n[  770.948873] RBP: ffff9aad82b00330 R08: 0000000000000000 R09: ffff9aad87ee3d10\n[  770.948874] R10: 0000000000000200 R11: 0000000000000000 R12: ffff9aad82b00330\n[  770.948874] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n[  770.948875] FS:  00007ff1b2f6bb40(0000) GS:ffff9aaf37d00000(0000) knlGS:0000000000000000\n[  770.948878] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  770.948878] CR2: 0000555f345cb666 CR3: 00000001462dc005 CR4: 0000000000370ee0\n[  770.948879] Call Trace:\n[  770.948880]  <TASK>\n[  770.948881]  ? show_trace_log_lvl+0x1c4/0x2df\n[  770.948884]  ? show_trace_log_lvl+0x1c4/0x2df\n[  770.948886]  ? __cancel_work_timer+0x103/0x190\n[  770.948887]  ? __flush_work.isra.0+0x212/0x230\n[  770.948889]  ? __warn+0x81/0x110\n[  770.948891]  ? __flush_work.isra.0+0x212/0x230\n[  770.948892]  ? report_bug+0x10a/0x140\n[  770.948895]  ? handle_bug+0x3c/0x70\n[  770.948898]  ? exc_invalid_op+0x14/0x70\n[  770.948899]  ? asm_exc_invalid_op+0x16/0x20\n[  770.948903]  ? __flush_work.isra.0+0x212/0x230\n[  770.948905]  __cancel_work_timer+0x103/0x190\n[  770.948907]  ? _raw_spin_unlock_irqrestore+0xa/0x30\n[  770.948910]  drm_kms_helper_poll_disable+0x1e/0x40 [drm_kms_helper]\n[  770.948923]  drm_mode_config_helper_suspend+0x1c/0x80 [drm_kms_helper]\n[  770.948933]  ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[  770.948942]  hyperv_vmbus_suspend+0x17/0x40 [hyperv_drm]\n[  770.948944]  ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[  770.948951]  dpm_run_callback+0x4c/0x140\n[  770.948954]  __device_suspend_noir\n---truncated---", "In the Linux kernel, the following vulnerability has been resolved:\ndrm: Check output polling initialized before disabling\nThe Linux kernel CVE team has assigned CVE-2024-35927 to this issue.\nUpstream advisory:\nhttps://lore.kernel.org/linux-cve-announce/2024051915-CVE-2024-35927-2100@gregkh/T" ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-11-12T00:00:00Z",
    "advisory" : "RHSA-2024:9315",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-503.11.1.el9_5"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-35927\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35927\nhttps://lore.kernel.org/linux-cve-announce/2024051915-CVE-2024-35927-2100@gregkh/T" ],
  "name" : "CVE-2024-35927",
  "csaw" : false
}