Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.3, < 6.6.21 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bbaPatch
- https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3Patch
- https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3aPatch
- https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bbaPatch
- https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3Patch
- https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3aPatch
FAQ
What is CVE-2024-27408?
CVE-2024-27408 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are n...
How severe is CVE-2024-27408?
CVE-2024-27408 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-27408?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.