CVE-2024-26788

Summary

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: fsl-qdma: init irq after reg initialization

Initialize the qDMA irqs after the registers are configured so that interrupts that may have been pending from a primary kernel don't get processed by the irq handler before it is ready to and cause panic with the following trace:

Call trace: fsl_qdma_queue_handler+0xf8/0x3e8 __handle_irq_event_percpu+0x78/0x2b0 handle_irq_event_percpu+0x1c/0x68 handle_irq_event+0x44/0x78 handle_fasteoi_irq+0xc8/0x178 generic_handle_irq+0x24/0x38 __handle_domain_irq+0x90/0x100 gic_handle_irq+0x5c/0xb8 el1_irq+0xb8/0x180 _raw_spin_unlock_irqrestore+0x14/0x40 __setup_irq+0x4bc/0x798 request_threaded_irq+0xd8/0x190 devm_request_threaded_irq+0x74/0xe8 fsl_qdma_probe+0x4d4/0xca8 platform_drv_probe+0x50/0xa0 really_probe+0xe0/0x3f8 driver_probe_device+0x64/0x130 device_driver_attach+0x6c/0x78 __driver_attach+0xbc/0x158 bus_for_each_dev+0x5c/0x98 driver_attach+0x20/0x28 bus_add_driver+0x158/0x220 driver_register+0x60/0x110 __platform_driver_register+0x44/0x50 fsl_qdma_driver_init+0x18/0x20 do_one_initcall+0x48/0x258 kernel_init_freeable+0x1a4/0x23c kernel_init+0x10/0xf8 ret_from_fork+0x10/0x18

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < 3cc5fb824c2125aa3740d905b3e5b378c8a09478affected
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < 9579a21e99fe8dab22a253050ddff28d340d74e1affected
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < 4529c084a320be78ff2c5e64297ae998c6fdf66baffected
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < 474d521da890b3e3585335fb80a6044cb2553d99affected
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < a69c8bbb946936ac4eb6a6ae1e849435aa8d947daffected
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < 677102a930643c31f1b4c512b041407058bdfef8affected
LinuxLinuxb092529e0aa09829a6404424ce167bf3ce3235e2 < 87a39071e0b639f45e05d296cc0538eef44ec0bdaffected
LinuxLinux5.1affected
LinuxLinux0 < 5.1unaffected
LinuxLinux5.4.271 <= 5.4.*unaffected
LinuxLinux5.10.212 <= 5.10.*unaffected
LinuxLinux5.15.151 <= 5.15.*unaffected
LinuxLinux6.1.81 <= 6.1.*unaffected
LinuxLinux6.6.21 <= 6.6.*unaffected
LinuxLinux6.7.9 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References