CVE-2024-27409

high

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.

References

https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e

https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba

https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716

Details

Source: Mitre, NVD

Published: 2024-05-17

Updated: 2024-05-17

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C

Severity: High

CVSS v3

Base Score: 7.4

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.0016