{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T00:21:14.824","vulnerabilities":[{"cve":{"id":"CVE-2024-57919","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-01-19T12:15:26.053","lastModified":"2025-10-01T20:18:04.717","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix divide error in DM plane scale calcs\n\ndm_get_plane_scale doesn't take into account plane scaled size equal to\nzero, leading to a kernel oops due to division by zero. Fix by setting\nout-scale size as zero when the dst size is zero, similar to what is\ndone by drm_calc_scale(). This issue started with the introduction of\ncursor ovelay mode that uses this function to assess cursor mode changes\nvia dm_crtc_get_cursor_mode() before checking plane state.\n\n[Dec17 17:14] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n[  +0.000018] CPU: 5 PID: 1660 Comm: surface-DP-1 Not tainted 6.10.0+ #231\n[  +0.000007] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024\n[  +0.000004] RIP: 0010:dm_get_plane_scale+0x3f/0x60 [amdgpu]\n[  +0.000553] Code: 44 0f b7 41 3a 44 0f b7 49 3e 83 e0 0f 48 0f a3 c2 73 21 69 41 28 e8 03 00 00 31 d2 41 f7 f1 31 d2 89 06 69 41 2c e8 03 00 00 <41> f7 f0 89 07 e9 d7 d8 7e e9 44 89 c8 45 89 c1 41 89 c0 eb d4 66\n[  +0.000005] RSP: 0018:ffffa8df0de6b8a0 EFLAGS: 00010246\n[  +0.000006] RAX: 00000000000003e8 RBX: ffff9ac65c1f6e00 RCX: ffff9ac65d055500\n[  +0.000003] RDX: 0000000000000000 RSI: ffffa8df0de6b8b0 RDI: ffffa8df0de6b8b4\n[  +0.000004] RBP: ffff9ac64e7a5800 R08: 0000000000000000 R09: 0000000000000a00\n[  +0.000003] R10: 00000000000000ff R11: 0000000000000054 R12: ffff9ac6d0700010\n[  +0.000003] R13: ffff9ac65d054f00 R14: ffff9ac65d055500 R15: ffff9ac64e7a60a0\n[  +0.000004] FS:  00007f869ea00640(0000) GS:ffff9ac970080000(0000) knlGS:0000000000000000\n[  +0.000004] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[  +0.000003] CR2: 000055ca701becd0 CR3: 000000010e7f2000 CR4: 0000000000350ef0\n[  +0.000004] Call Trace:\n[  +0.000007]  <TASK>\n[  +0.000006]  ? __die_body.cold+0x19/0x27\n[  +0.000009]  ? die+0x2e/0x50\n[  +0.000007]  ? do_trap+0xca/0x110\n[  +0.000007]  ? do_error_trap+0x6a/0x90\n[  +0.000006]  ? dm_get_plane_scale+0x3f/0x60 [amdgpu]\n[  +0.000504]  ? exc_divide_error+0x38/0x50\n[  +0.000005]  ? dm_get_plane_scale+0x3f/0x60 [amdgpu]\n[  +0.000488]  ? asm_exc_divide_error+0x1a/0x20\n[  +0.000011]  ? dm_get_plane_scale+0x3f/0x60 [amdgpu]\n[  +0.000593]  dm_crtc_get_cursor_mode+0x33f/0x430 [amdgpu]\n[  +0.000562]  amdgpu_dm_atomic_check+0x2ef/0x1770 [amdgpu]\n[  +0.000501]  drm_atomic_check_only+0x5e1/0xa30 [drm]\n[  +0.000047]  drm_mode_atomic_ioctl+0x832/0xcb0 [drm]\n[  +0.000050]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [drm]\n[  +0.000047]  drm_ioctl_kernel+0xb3/0x100 [drm]\n[  +0.000062]  drm_ioctl+0x27a/0x4f0 [drm]\n[  +0.000049]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [drm]\n[  +0.000055]  amdgpu_drm_ioctl+0x4e/0x90 [amdgpu]\n[  +0.000360]  __x64_sys_ioctl+0x97/0xd0\n[  +0.000010]  do_syscall_64+0x82/0x190\n[  +0.000008]  ? __pfx_drm_mode_createblob_ioctl+0x10/0x10 [drm]\n[  +0.000044]  ? srso_return_thunk+0x5/0x5f\n[  +0.000006]  ? drm_ioctl_kernel+0xb3/0x100 [drm]\n[  +0.000040]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? __check_object_size+0x50/0x220\n[  +0.000007]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? drm_ioctl+0x2a4/0x4f0 [drm]\n[  +0.000039]  ? __pfx_drm_mode_createblob_ioctl+0x10/0x10 [drm]\n[  +0.000043]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? __pm_runtime_suspend+0x69/0xc0\n[  +0.000006]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? amdgpu_drm_ioctl+0x71/0x90 [amdgpu]\n[  +0.000366]  ? srso_return_thunk+0x5/0x5f\n[  +0.000006]  ? syscall_exit_to_user_mode+0x77/0x210\n[  +0.000007]  ? srso_return_thunk+0x5/0x5f\n[  +0.000005]  ? do_syscall_64+0x8e/0x190\n[  +0.000006]  ? srso_return_thunk+0x5/0x5f\n[  +0.000006]  ? do_syscall_64+0x8e/0x190\n[  +0.000006]  ? srso_return_thunk+0x5/0x5f\n[  +0.000007]  entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[  +0.000008] RIP: 0033:0x55bb7cd962bc\n[  +0.000007] Code: 4c 89 6c 24 18 4c 89 64 24 20 4c 89 74 24 28 0f 57 c0 0f 11 44 24 30 89 c7 48 8d 54 24 08 b8 10 00 00 00 be bc 64\n---truncated---"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: se corrige el error de división en los cálculos de escala del plano DM dm_get_plane_scale no tiene en cuenta el tamaño de escala del plano igual a cero, lo que genera un error en el kernel debido a la división por cero. Se soluciona estableciendo el tamaño de escala exterior como cero cuando el tamaño de dst es cero, de forma similar a lo que hace drm_calc_scale(). Este problema comenzó con la introducción del modo de superposición del cursor que utiliza esta función para evaluar los cambios del modo del cursor a través de dm_crtc_get_cursor_mode() antes de verificar el estado del plano. [Dec17 17:14] Ups: error de división: 0000 [#1] PREEMPT SMP NOPTI [ +0.000018] CPU: 5 PID: 1660 Comm: surface-DP-1 No contaminado 6.10.0+ #231 [ +0.000007] Nombre del hardware: Valve Jupiter/Jupiter, BIOS F7A0131 30/01/2024 [ +0.000004] RIP: 0010:dm_get_plane_scale+0x3f/0x60 [amdgpu] [ +0.000553] Código: 44 0f b7 41 3a 44 0f b7 49 3e 83 e0 0f 48 0f a3 c2 73 21 69 41 28 e8 03 00 00 31 d2 41 f7 f1 31 d2 89 06 69 41 2c e8 03 00 00 &lt;41&gt; f7 f0 89 07 e9 d7 d8 7e e9 44 89 c8 45 89 c1 41 89 c0 eb d4 66 [ +0.000005] RSP: 0018:ffffa8df0de6b8a0 EFLAGS: 00010246 [ +0.000006] RAX: 00000000000003e8 RBX: ffff9ac65c1f6e00 RCX: ffff9ac65d055500 [ +0,000003] RDX: 0000000000000000 RSI: ffffa8df0de6b8b0 RDI: ffffa8df0de6b8b4 [ +0.000004] RBP: ffff9ac64e7a5800 R08: 000000000000000 R09: 0000000000000a00 [ +0.000003] R10: 0000000000000ff R11: 0000000000000054 R12: ffff9ac6d0700010 [ +0.000003] R13: ffff9ac65d054f00 R14: ffff9ac65d055500 R15: ffff9ac64e7a60a0 [ +0.000004] FS: 00007f869ea00640(0000) GS:ffff9ac970080000(0000) knlGS:0000000000000000 [ +0.000004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ +0.000003] CR2: 000055ca701becd0 CR3: 000000010e7f2000 CR4: 0000000000350ef0 [ +0.000004] Rastreo de llamadas: [ +0.000007]  [ +0.000006] ? __die_body.cold+0x19/0x27 [ +0.000009] ? die+0x2e/0x50 [ +0.000007] ? do_trap+0xca/0x110 [ +0.000007] ? do_error_trap+0x6a/0x90 [ +0.000006] ? dm_get_plane_scale+0x3f/0x60 [amdgpu] [ +0.000504] ? exc_divide_error+0x38/0x50 [ +0.000005] ? dm_get_plane_scale+0x3f/0x60 [amdgpu] [ +0.000488] ? [+0.000050] ¿ __pfx_drm_mode_atomic_ioctl+0x10/0x10 [drm] [ +0.000047] drm_ioctl_kernel+0xb3/0x100 [drm] [ +0.000062] drm_ioctl+0x27a/0x4f0 [drm] [ +0.000049] ? __pfx_drm_mode_atomic_ioctl+0x10/0x10 [drm] [ +0.000055] amdgpu_drm_ioctl+0x4e/0x90 [amdgpu] [ +0.000360] __x64_sys_ioctl+0x97/0xd0 [ +0.000010] do_syscall_64+0x82/0x190 [ +0.000008] ? __pfx_drm_mode_createblob_ioctl+0x10/0x10 [drm] [ +0.000044] ? srso_return_thunk+0x5/0x5f [ +0.000006] ? drm_ioctl_kernel+0xb3/0x100 [drm] [ +0.000040] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? __check_object_size+0x50/0x220 [ +0.000007] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? drm_ioctl+0x2a4/0x4f0 [drm] [ +0.000039] ? __pfx_drm_mode_createblob_ioctl+0x10/0x10 [drm] [ +0.000043] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? __pm_runtime_suspend+0x69/0xc0 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? amdgpu_drm_ioctl+0x71/0x90 [amdgpu] [ +0.000366] ? srso_return_thunk+0x5/0x5f [ +0.000006] ? syscall_salir_al_modo_usuario+0x77/0x210 [ +0.000007] ? srso_return_thunk+0x5/0x5f [ +0.000005] ? do_syscall_64+0x8e/0x190 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000006] ? do_syscall_64+0x8e/0x190 [ +0.000006] ? srso_return_thunk+0x5/0x5f [ +0.000007] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ +0.000008] RIP: 0033:0x55bb7cd962bc [ +0.000007] Código: 4c 89 6c 24 18 4c 89 64 24 20 4c 89 74 24 28 0f 57 c0 0f 11 44 24 30 89 c7 48 8d 54 24 08 b8 10 00 00 00 be bc 64 ---truncado---"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-369"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-369"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.12.10","matchCriteriaId":"AD20F8BA-D1BC-4584-8C68-17E958381157"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*","matchCriteriaId":"62567B3C-6CEE-46D0-BC2E-B3717FBF7D13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*","matchCriteriaId":"5A073481-106D-4B15-B4C7-FB0213B8E1D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc3:*:*:*:*:*:*","matchCriteriaId":"DE491969-75AE-4A6B-9A58-8FC5AF98798F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc4:*:*:*:*:*:*","matchCriteriaId":"93C0660D-7FB8-4FBA-892A-B064BA71E49E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc5:*:*:*:*:*:*","matchCriteriaId":"034C36A6-C481-41F3-AE9A-D116E5BE6895"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.13:rc6:*:*:*:*:*:*","matchCriteriaId":"8AF9DC49-2085-4FFB-A7E3-73DFAFECC7F2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5225fd2a26211d012533acf98a6ad3f983885817","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c2eaa73bd542b0168a0519e4a1c6e94bc121ec3d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}