vulnerability
Ubuntu: (CVE-2024-27408): linux-raspi-realtime vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 2024-05-17 | 2025-02-11 | 2025-02-18 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
2024-05-17
Added
2025-02-11
Modified
2025-02-18
Description
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
The Linked list element and pointer are not stored in the same memory as
the eDMA controller register. If the doorbell register is toggled before
the full write of the linked list a race condition error will occur.
In remote setup we can only use a readl to the memory to assure the full
write has occurred.
Solution
ubuntu-upgrade-linux-raspi-realtime
References
- CVE-2024-27408
- https://attackerkb.com/topics/CVE-2024-27408
- URL-https://git.kernel.org/linus/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
- URL-https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
- URL-https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3
- URL-https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a
- URL-https://www.cve.org/CVERecord?id=CVE-2024-27408
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.