CVE-2024-40991

Summary

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: ti: k3-udma-glue: Fix of_k3_udma_glue_parse_chn_by_id()

The of_k3_udma_glue_parse_chn_by_id() helper function erroneously invokes "of_node_put()" on the "udmax_np" device-node passed to it, without having incremented its reference count at any point. Fix it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux81a1f90f20af71728f900f245aa69e9425fdef84 < a5ab5f413d1e4c7ed5f64271b025f0726374509eaffected
LinuxLinux81a1f90f20af71728f900f245aa69e9425fdef84 < ba27e9d2207784da748b19170a2e56bd7770bd81affected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.9.7 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References