CVE-2024-56719

EPSS 0.02%
Veröffentlicht 29.12.2024 09:15:07
Zuletzt bearbeitet 25.03.2026 11:16:09
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

net: stmmac: fix TSO DMA API usage causing oops

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: fix TSO DMA API usage causing oops

Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap
for non-paged SKB data") moved the assignment of tx_skbuff_dma[]'s
members to be later in stmmac_tso_xmit().

The buf (dma cookie) and len stored in this structure are passed to
dma_unmap_single() by stmmac_tx_clean(). The DMA API requires that
the dma cookie passed to dma_unmap_single() is the same as the value
returned from dma_map_single(). However, by moving the assignment
later, this is not the case when priv->dma_cap.addr64 > 32 as "des"
is offset by proto_hdr_len.

This causes problems such as:

  dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed

and with DMA_API_DEBUG enabled:

  DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]

Fix this by maintaining "des" as the original DMA cookie, and use
tso_des to pass the offset DMA cookie to stmmac_tso_allocator().

Full details of the crashes can be found at:
https://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/
https://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 7

NVD 6 VulnDex Vulnerability Enrichment 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.15.171 < 5.16

Linux ≫ Linux Kernel Version >= 6.1.116 < 6.2

Linux ≫ Linux Kernel Version >= 6.6.60 < 6.6.68

Linux ≫ Linux Kernel Version >= 6.11.7 < 6.12.7

Linux ≫ Linux Kernel Version6.13 Updaterc1

Linux ≫ Linux Kernel Version6.13 Updaterc2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.052

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/4c49f38e20a57f8abaebdf95b369295b153d1f8e

Patch

https://git.kernel.org/stable/c/9d5dd7ccea1b46a9a7c6b3c2b9e5ed8864e185e2

Patch

https://git.kernel.org/stable/c/db3667c9bbfbbf5de98e6c9542f7e03fb5243286

Patch

https://git.kernel.org/stable/c/6abcdc9a73274052a9e96a1926994ecf9aedad82

https://nvd.nist.gov/vuln/detail/CVE-2024-56719

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-56719

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-56719

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-56719