vulnerability
Ubuntu: (CVE-2024-27408): linux-raspi-realtime vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:S/C:N/I:N/A:C) | May 17, 2024 | Feb 11, 2025 | Apr 16, 2026 |
Severity
4
CVSS
(AV:L/AC:M/Au:S/C:N/I:N/A:C)
Published
May 17, 2024
Added
Feb 11, 2025
Modified
Apr 16, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
The Linked list element and pointer are not stored in the same memory as
the eDMA controller register. If the doorbell register is toggled before
the full write of the linked list a race condition error will occur.
In remote setup we can only use a readl to the memory to assure the full
write has occurred.
Solution
ubuntu-upgrade-linux-raspi-realtime
References
- CVE-2024-27408
- https://attackerkb.com/topics/CVE-2024-27408
- CWE-362
- EUVD-EUVD-2024-24612
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-24612
- https://git.kernel.org/linus/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
- https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
- https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3
- https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a
- https://www.cve.org/CVERecord?id=CVE-2024-27408
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.