CVE-2024-41011: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-41011 is a vulnerability in the Linux kernel's AMD Kernel Fusion Driver (AMDKFD) related to mapping the MMIO HDP page with large pages. The issue was discovered and disclosed in July 2024, affecting Linux kernel versions from 5.3 up to versions before 5.4.283, 5.10.225, 5.15.166, and 6.1.91. The vulnerability exists in the way the driver handles the remapping of HDP flush registers in the GPU's register BAR space (NVD).

The vulnerability occurs in the AMDKFD driver when mapping MMIO HDP pages. The GPU has an unused 4K area of the register BAR space where registers can be remapped. The driver remaps HDP flush registers into this space to allow userspace (CPU or GPU) to flush the HDP when updating VRAM. However, on systems with page sizes larger than 4K, the driver incorrectly exposes PAGE_SIZE of MMIO space instead of the intended 4K area. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could potentially allow exposure of sensitive MMIO space beyond the intended 4K area on systems with large page sizes, which could lead to unauthorized access to memory-mapped I/O regions. This could result in high impacts on confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability has been patched in multiple Linux kernel versions. The fix involves adding checks to prevent mapping the MMIO HDP page with large pages. The patch has been backported to various stable kernel versions and is available through distribution-specific updates. Multiple Linux distributions including Ubuntu, Debian, and Red Hat have released updates to address this vulnerability (Kernel Patch).