Linux Kernel GPU Throttling Crash Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Linux kernel's GPU throttling mechanism. During boot, the GPU may already be hot, so devfreq cooling is applied immediately. This can crash the kernel by triggering a kernel paging request error. The issue arises because the devfreq state is not properly synchronized after initialization, which allows devfreq cooling to be applied prematurely, before the necessary components are ready. The vulnerability affects the DRM subsystem, specifically the MSM GPU driver.

Impact

The vulnerability can cause a kernel crash by improperly handling GPU throttling during boot, leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by throttling the GPU immediately during the boot process, before the GPU management unit (GMU) is fully initialized. This can be done by applying devfreq cooling while the GPU is still hot from the boot process, which will cause the GPU_BUSY function to access uninitialized GMU registers, resulting in a crash.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.

Added: Jul 25, 2025, 3:41 PM
Updated: Jul 25, 2025, 3:41 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 0.0
relevance: 0.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.