CVE-2024-27409: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup

Description

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup

The Linked list element and pointer are not stored in the same memory as
the HDMA controller register. If the doorbell register is toggled before
the full write of the linked list a race condition error will occur.
In remote setup we can only use a readl to the memory to assure the full
write has occurred.

Classification

CVE ID: CVE-2024-27409

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://git.kernel.org/stable/c/227ef58a9b0c372efba422e8886a8015a1509eba
https://git.kernel.org/stable/c/17be6f5cb223f22e4733ed8fe8b2247cbb677716
https://git.kernel.org/stable/c/712a92a48158e02155b4b6b21e03a817f78c9b7e

Timeline

2024-12-20 00:36:01 UTC
CVE

dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup