CVE-2024-35927

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14.0-362.2.1.el9 3.x86 64

Description: The vulnerability is related to the Linux kernel's drm (Direct Rendering Manager) component. Specifically, it involves the drm kms helper poll disable() function, which checks if output polling support is initialized before disabling polling. If not, it flags this as a warning. Additionally, the drm mode config helper suspend() and drm mode config helper resume() calls avoid invoking them if polling is not initialized. This issue can lead to suspend failure for drivers like hyperv-drm that do not initialize connector polling.

Recommendations: To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, update to a version later than 5.14.0-362.2.1.el9 3.x86 64.

As a temporary workaround, consider disabling the drm kms helper poll disable() function until a patch is available. However, this may have unintended consequences and should be approached with caution.

It is also recommended to avoid invoking drm mode config helper suspend() and drm mode config helper resume() calls if polling is not initialized to prevent suspend failure.

Note: The provided information does not specify the exact version that fixes the vulnerability, so it is recommended to update to the latest available version of the Linux kernel.