CVE-2024-44949Improper Initialization in Linux

CWE-665Improper Initialization7 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 93.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LinuxLinux KernelDebian Linux+3 more
Timeline
PublishedSep 4
Latest updateAug 14

Description

In the Linux kernel, the following vulnerability has been resolved: parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be possible that two unrelated 16-byte allocations share a cache line. If one of these allocations is written using DMA and the other is written using cached write, the value that was written with DMA may be corrupted. This commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 - that's the largest possible cache

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages7 packages

NVDlinux/linux_kernel6.76.10.5+2
Debianlinux/linux_kernel< 6.1.119-1+2
CVEListV5linux/linuxa01fece2e4185ac173abd16d10304d73d47ebf0000baca74fb5879e5f9034b6156671301f500f8ee+4

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2024-44949: In the Linux kernel, the following vulnerability has been resolved: parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this i2024-09-04
GHSA
GHSA-wxc5-fq68-h9mh: In the Linux kernel, the following vulnerability has been resolved: parisc: fix a possible DMA corruption ARCH_DMA_MINALIGN was defined as 16 - this2024-09-04

📋Vendor Advisories

4
CISA ICS
Siemens Third-Party Components in SINEC OS2025-08-14
Microsoft
parisc: fix a possible DMA corruption2024-09-10
Red Hat
kernel: parisc: fix a possible DMA corruption2024-09-04
Debian
CVE-2024-44949: linux - In the Linux kernel, the following vulnerability has been resolved: parisc: fix...2024