CVE-2024-27409

Summary

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup

The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe74c39573d35e9ac441090ff8183aa3dc2540649 < 227ef58a9b0c372efba422e8886a8015a1509ebaaffected
LinuxLinuxe74c39573d35e9ac441090ff8183aa3dc2540649 < 17be6f5cb223f22e4733ed8fe8b2247cbb677716affected
LinuxLinuxe74c39573d35e9ac441090ff8183aa3dc2540649 < 712a92a48158e02155b4b6b21e03a817f78c9b7eaffected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux6.6.21 <= 6.6.*unaffected
LinuxLinux6.7.9 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References