CVE-2024-53225

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommu/tegra241-cmdqv: Fix alignment failure at max_n_shift

When configuring a kernel with PAGE_SIZE=4KB, depending on its setting of CONFIG_CMA_ALIGNMENT, VCMDQ_LOG2SIZE_MAX=19 could fail the alignment test and trigger a WARN_ON: WARNING: at drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c:3646 Call trace: arm_smmu_init_one_queue+0x15c/0x210 tegra241_cmdqv_init_structures+0x114/0x338 arm_smmu_device_probe+0xb48/0x1d90

Fix it by capping max_n_shift to CMDQ_MAX_SZ_SHIFT as SMMUv3 CMDQ does.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux918eb5c856f6ce4cf93b4b38e4b5e156905c5943 < 85a1d70b86dbcb84a68e7e4942a5181276945988affected
LinuxLinux918eb5c856f6ce4cf93b4b38e4b5e156905c5943 < a3799717b881aa0f4e722afb70e7b8ba84ae4f36affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.2 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References