| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024111959-CVE-2024-50295-1201@gregkh> Date: Tue, 19 Nov 2024 02:32:50 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single Description =========== In the Linux kernel, the following vulnerability has been resolved: net: arc: fix the device for dma_map_single/dma_unmap_single The ndev->dev and pdev->dev aren't the same device, use ndev->dev.parent which has dma_mask, ndev->dev.parent is just pdev->dev. Or it would cause the following issue: [ 39.933526] ------------[ cut here ]------------ [ 39.938414] WARNING: CPU: 1 PID: 501 at kernel/dma/mapping.c:149 dma_map_page_attrs+0x90/0x1f8 The Linux kernel CVE team has assigned CVE-2024-50295 to this issue. Affected and fixed versions =========================== Issue introduced in 5.10 with commit f959dcd6ddfd and fixed in 5.10.230 with commit 30606ea3fae5 Issue introduced in 5.10 with commit f959dcd6ddfd and fixed in 5.15.172 with commit 3898393b5483 Issue introduced in 5.10 with commit f959dcd6ddfd and fixed in 6.1.117 with commit fd4e062fbc07 Issue introduced in 5.10 with commit f959dcd6ddfd and fixed in 6.6.61 with commit 8ed7a4a39c3f Issue introduced in 5.10 with commit f959dcd6ddfd and fixed in 6.11.8 with commit cd4706d9ac0d Issue introduced in 5.10 with commit f959dcd6ddfd and fixed in 6.12 with commit 71803c1dfa29 Issue introduced in 4.4.276 with commit 209fcdad5706 Issue introduced in 4.9.276 with commit 7c4a0c1e82d2 Issue introduced in 4.14.240 with commit dd47d2fe0639 Issue introduced in 4.19.198 with commit c58022e95bd6 Issue introduced in 5.4.134 with commit 6c50a56d2bce Issue introduced in 5.9.2 with commit 4e57482e8440 Issue introduced in 5.10.52 with commit f8763ab3fb86 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-50295 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/ethernet/arc/emac_main.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/30606ea3fae57f8e9f2467415389e988e3c53a18 https://git.kernel.org/stable/c/3898393b5483c8aa2efd7cb13aa70e22078ab022 https://git.kernel.org/stable/c/fd4e062fbc07156f8e9d73212d347c744572677e https://git.kernel.org/stable/c/8ed7a4a39c3f7cd9655af867e878fda512ae67ad https://git.kernel.org/stable/c/cd4706d9ac0d8d3bab8dc9e50cc1187f6cfa43dd https://git.kernel.org/stable/c/71803c1dfa29e0d13b99e48fda11107cc8caebc7
Powered by blists - more mailing lists