CVE-2024-35795

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc7

Description The vulnerability is related to a deadlock scenario in the amdgpu debugfs files. An errant disk backup triggered the deadlock, causing the machine to hard-reset immediately after printing certain lines. The issue is due to a possible circular locking dependency detected, where a task is trying to acquire a lock while already holding another lock that depends on the new lock. The existing dependency chain is complex and involves multiple locks, including reservation ww class mutex and &mm->mmap lock. The vulnerability can lead to a denial-of-service (DoS) condition.

Recommendations To resolve the issue, update the Linux kernel to a version later than 6.8.0-rc7. As a temporary workaround, consider disabling the amdgpu debugfs mqd read function until a patch is available. Additionally, restrict access to the vulnerable debugfs files to minimize the risk of exploitation.