Vulnerability DatabaseCVE-2024-27409
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2024-27409
May 17, 2024
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.
Related Resources (6)
https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716
https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba
https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/27xxx/CVE-2024-27409.json
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e
https://nvd.nist.gov/vuln/detail/CVE-2024-27409
Do you need more information?
Contact Us
CVSS v4
Base Score:
2
Attack Vector
LOCAL
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
EPSS
Base Score:
0.02