github - ghsa-g8hj-4pg6-q26c

ghsa-g8hj-4pg6-q26c

Vulnerability from github

Published

2024-05-17 12:31

Modified

2024-05-17 12:31

Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup

The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27409"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T12:15:11Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe HDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred.",
  "id": "GHSA-g8hj-4pg6-q26c",
  "modified": "2024-05-17T12:31:00Z",
  "published": "2024-05-17T12:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27409"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-27409

Vulnerability from cvelistv5

Published

2024-05-17 11:50

Modified

2024-08-02 00:34

Severity

Summary

dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup

References

URL	Tags
https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba
https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716
https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27409",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-20T17:32:55.652133Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:17.954Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:34:52.290Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/dma/dw-edma/dw-hdma-v0-core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "227ef58a9b0c",
              "status": "affected",
              "version": "e74c39573d35",
              "versionType": "git"
            },
            {
              "lessThan": "17be6f5cb223",
              "status": "affected",
              "version": "e74c39573d35",
              "versionType": "git"
            },
            {
              "lessThan": "712a92a48158",
              "status": "affected",
              "version": "e74c39573d35",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/dma/dw-edma/dw-hdma-v0-core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.21",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.9",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe HDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:28:36.164Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba"
        },
        {
          "url": "https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716"
        },
        {
          "url": "https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e"
        }
      ],
      "title": "dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27409",
    "datePublished": "2024-05-17T11:50:39.756Z",
    "dateReserved": "2024-02-25T13:47:42.682Z",
    "dateUpdated": "2024-08-02T00:34:52.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.