CVE-2024-58091

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/fbdev-dma: Add shadow buffering for deferred I/O<br /> <br /> DMA areas are not necessarily backed by struct page, so we cannot<br /> rely on it for deferred I/O. Allocate a shadow buffer for drivers<br /> that require deferred I/O and use it as framebuffer memory.<br /> <br /> Fixes driver errors about being "Unable to handle kernel NULL pointer<br /> dereference at virtual address" or "Unable to handle kernel paging<br /> request at virtual address".<br /> <br /> The patch splits drm_fbdev_dma_driver_fbdev_probe() in an initial<br /> allocation, which creates the DMA-backed buffer object, and a tail<br /> that sets up the fbdev data structures. There is a tail function for<br /> direct memory mappings and a tail function for deferred I/O with<br /> the shadow buffer.<br /> <br /> It is no longer possible to use deferred I/O without shadow buffer.<br /> It can be re-added if there exists a reliably test for usable struct<br /> page in the allocated DMA-backed buffer object.