CVE-2024-44949

Summary

In the Linux kernel, the following vulnerability has been resolved:

parisc: fix a possible DMA corruption

ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted.

This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache line size.

As different parisc microarchitectures have different cache line size, we define arch_slab_minalign(), cache_line_size() and dma_get_cache_alignment() so that the kernel may tune slab cache parameters dynamically, based on the detected cache line size.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa01fece2e4185ac173abd16d10304d73d47ebf00 < 00baca74fb5879e5f9034b6156671301f500f8eeaffected
LinuxLinuxa01fece2e4185ac173abd16d10304d73d47ebf00 < 642a0b7453daff0295310774016fcb56d1f5bc7faffected
LinuxLinuxa01fece2e4185ac173abd16d10304d73d47ebf00 < 533de2f470baac40d3bf622fe631f15231a03c9faffected
LinuxLinuxa01fece2e4185ac173abd16d10304d73d47ebf00 < 7ae04ba36b381bffe2471eff3a93edced843240faffected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux6.1.119 <= 6.1.*unaffected
LinuxLinux6.6.46 <= 6.6.*unaffected
LinuxLinux6.10.5 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References