Message-ID: <2025011152-CVE-2024-57805-fbae@gregkh>
Date: Sat, 11 Jan 2025 13:39:57 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-57805: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP

The linkDMA should not be released on stop trigger since a stream re-start
might happen without closing of the stream. This leaves a short time for
other streams to 'steal' the linkDMA since it has been released.

This issue is not easy to reproduce under normal conditions as usually
after stop the stream is closed, or the same stream is restarted, but if
another stream got in between the stop and start, like this:

	aplay -Dhw:0,3 -c2 -r48000 -fS32_LE /dev/zero -d 120
	CTRL+z
	aplay -Dhw:0,0 -c2 -r48000 -fS32_LE /dev/zero -d 120

then the link DMA channels will be mixed up, resulting in firmware error or
crash.

The Linux kernel CVE team has assigned CVE-2024-57805 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 6.12 with commit ab5593793e9088abcddce30ba8e376e31b7285fd and fixed in 6.12.8 with commit 909ecf15cb70f78cdb5c930f58df01db039a0ff8
	Issue introduced in 6.12 with commit ab5593793e9088abcddce30ba8e376e31b7285fd and fixed in 6.13-rc5 with commit e8d0ba147d901022bcb69da8d8fd817f84e9f3ca
	Issue introduced in 6.11.6 with commit ec0c7735dd014e54e55bc3bf4ed2e73d56bb00b3

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-57805
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	sound/soc/sof/intel/hda-dai.c
	sound/soc/sof/intel/hda.h


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/909ecf15cb70f78cdb5c930f58df01db039a0ff8
	https://git.kernel.org/stable/c/e8d0ba147d901022bcb69da8d8fd817f84e9f3ca
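
The failure described in the commit message above, as an added example that is not part of the original message or of the kernel source: a small user-space C model of a link DMA pool in which a stream that frees its channel on STOP finds it reserved by another stream when it restarts. The pool, the stream struct and all function names are hypothetical simplifications.

```c
/* Constructed user-space model of the race in the advisory above.
 * All names are hypothetical; this is not code from hda-dai.c. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define NUM_LINK_DMA 2
struct stream { int id; int chan; };   /* chan: link DMA set up at open, -1 = none */
static int owner[NUM_LINK_DMA];        /* 0 = free, otherwise id of the reserving stream */

/* Open: reserve the first free link DMA channel for this stream. */
static int stream_open(struct stream *s, int id)
{
    s->id = id; s->chan = -1;
    for (int i = 0; i < NUM_LINK_DMA && s->chan < 0; i++)
        if (!owner[i]) { owner[i] = id; s->chan = i; }
    return s->chan;
}

/* STOP trigger: the pre-fix behaviour frees the channel while the stream
 * stays open and still refers to it; the fixed behaviour keeps it reserved. */
static void stream_stop(struct stream *s, bool release_on_stop)
{
    if (release_on_stop && s->chan >= 0)
        owner[s->chan] = 0;
}

/* START trigger: returns false when another stream now owns our channel. */
static bool stream_start(struct stream *s)
{
    if (s->chan < 0) return false;
    if (owner[s->chan] == 0) owner[s->chan] = s->id;  /* still free: take it back */
    return owner[s->chan] == s->id;
}

/* A starts, A stops, B opens and starts, then A restarts without a close. */
static bool restart_is_clean(bool release_on_stop)
{
    struct stream a, b;
    memset(owner, 0, sizeof(owner));
    stream_open(&a, 1); stream_start(&a);
    stream_stop(&a, release_on_stop);
    stream_open(&b, 2); stream_start(&b);
    return stream_start(&a);
}

int main(void)
{
    printf("release on STOP: %d, keep until close: %d\n", restart_is_clean(true), restart_is_clean(false));
    return 0;
}
```

In the model, releasing on STOP is harmless when the same stream restarts with nothing in between, which matches the advisory's remark that the issue is hard to reproduce under normal conditions.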