CVE-2024-44949
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/09/2024
Last modified:
24/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
parisc: fix a possible DMA corruption<br />
<br />
ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be<br />
possible that two unrelated 16-byte allocations share a cache line. If<br />
one of these allocations is written using DMA and the other is written<br />
using cached write, the value that was written with DMA may be<br />
corrupted.<br />
<br />
This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 -<br />
that&#39;s the largest possible cache line size.<br />
<br />
As different parisc microarchitectures have different cache line size, we<br />
define arch_slab_minalign(), cache_line_size() and<br />
dma_get_cache_alignment() so that the kernel may tune slab cache<br />
parameters dynamically, based on the detected cache line size.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6.46 (excluding) | |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.10.5 (excluding) |
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page