{"id":"CVE-2024-46896","summary":"drm/amdgpu: don't access invalid sched","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: don't access invalid sched\n\nSince 2320c9e6a768 (\"drm/sched: memset() 'job' in drm_sched_job_init()\")\naccessing job-\u003ebase.sched can produce unexpected results as the initialisation\nof (*job)-\u003ebase.sched done in amdgpu_job_alloc is overwritten by the\nmemset.\n\nThis commit fixes an issue when a CS would fail validation and would\nbe rejected after job-\u003enum_ibs is incremented. In this case,\namdgpu_ib_free(ring-\u003eadev, ...) will be called, which would crash the\nmachine because the ring value is bogus.\n\nTo fix this, pass a NULL pointer to amdgpu_ib_free(): we can do this\nbecause the device is actually not used in this function.\n\nThe next commit will remove the ring argument completely.\n\n(cherry picked from commit 2ae520cb12831d264ceb97c61f72c59d33c0dbd7)","modified":"2026-03-20T12:37:59.033551Z","published":"2025-01-11T12:35:34.351Z","related":["MGASA-2025-0030","MGASA-2025-0032","SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46896.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/65501a4fd84ecdc0af863dbb37759242aab9f2dd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/67291d601f2b032062b1b2f60ffef1b63e10094c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a93b1020eb9386d7da11608477121b10079c076a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/da6b2c626ae73c303378ce9eaf6e3eaf16c9925a"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46896.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46896"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"166df51487f46b6e997dfeea7ca0c2a970853f07"},{"fixed":"65501a4fd84ecdc0af863dbb37759242aab9f2dd"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"87210234e5a273ebf9c4110a6aa82b8221478daa"},{"fixed":"da6b2c626ae73c303378ce9eaf6e3eaf16c9925a"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2da108b4b5fb7ec04d7e951418ed80e97f7c35ad"},{"fixed":"67291d601f2b032062b1b2f60ffef1b63e10094c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2320c9e6a768d135c7b0039995182bb1a4e4fd22"},{"fixed":"a93b1020eb9386d7da11608477121b10079c076a"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46896.json"}}],"schema_version":"1.7.5"}