CVE-2024-45012

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0-rc3Lyude-Test+ #30

Description The Linux kernel has a vulnerability related to the use of a non-coherent DMA allocator in the nouveau firmware. When the SG DEBUG feature is enabled in the kernel and the IOMMU is active, the nouveau driver can encounter a BUG() on startup. This issue is caused by an invalid opcode and can lead to a system crash. The vulnerability is related to the sg init one function and the nvkm firmware ctor function, among others. To fix this issue, using the non-coherent allocator instead of the current allocator is recommended.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the non-coherent DMA allocator in the nouveau firmware. If an update is not available, consider disabling the SG DEBUG feature or the IOMMU to prevent the BUG() from occurring. Additionally, as a temporary workaround, consider disabling the sg init one function or restricting access to the nvkm firmware ctor function until a patch is available.