CVE-2024-27408

high

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.

References

https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a

https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3

https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba

Details

Source: Mitre, NVD

Published: 2024-05-17

Updated: 2024-05-17

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.4

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High