CVE-2024-27408: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup

The Linked list element and pointer are not stored in the same memory as
the eDMA controller register. If the doorbell register is toggled before
the full write of the linked list a race condition error will occur.
In remote setup we can only use a readl to the memory to assure the full
write has occurred.

Classification

CVE ID: CVE-2024-27408

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.81% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3
https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a
https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba

Timeline

2024-12-20 00:36:01 UTC
CVE

dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup