CVE-2024-50206

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init

The loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers must only touch as many descriptors, otherwise it ends up corrupting unrelated memory. Fix the loop iteration count accordingly.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc57e558194430d10d5e5f4acd8a8655b68dade13 < 68cd084e3ec1512cd383cb3e9cf0ab7ab413724caffected
LinuxLinuxc57e558194430d10d5e5f4acd8a8655b68dade13 < 88806efc034a9830f483963326b99930ad519af1affected
LinuxLinux6f50d0bc1bbd45ce2a6d8f378daa00e56c198e9eaffected
LinuxLinux6.9.6 < 6.10affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.11.6 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References