CVE-2024-46716

Summary

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor

Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In consequence replace list_add_tail with list_move_tail in msgdma_free_descriptor.

This fixes the path: msgdma_free_chan_resources -> msgdma_free_descriptors -> msgdma_free_desc_list -> msgdma_free_descriptor

which does not correctly free the descriptors as first nodes were not removed from the list.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa85c6f1b2921cbd2f54666a52804f407c4a064fe < a3480e59fdbe5585d2d1eff0bed7671583acf725affected
LinuxLinuxa85c6f1b2921cbd2f54666a52804f407c4a064fe < 20bf2920a869f9dbda0ef8c94c87d1901a64a716affected
LinuxLinuxa85c6f1b2921cbd2f54666a52804f407c4a064fe < db67686676c7becc1910bf1d6d51505876821863affected
LinuxLinuxa85c6f1b2921cbd2f54666a52804f407c4a064fe < 54e4ada1a4206f878e345ae01cf37347d803d1b1affected
LinuxLinux4.14affected
LinuxLinux0 < 4.14unaffected
LinuxLinux6.1.109 <= 6.1.*unaffected
LinuxLinux6.6.50 <= 6.6.*unaffected
LinuxLinux6.10.9 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References