PT-2024-30714 · Linux+7 · Linux Kernel+7
Christoph Hellwig
+1
·
Published
2024-07-19
·
Updated
2025-09-29
·
CVE-2024-43856
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.50
Description
The issue is related to a race condition in the
dmam free coherent() function, which can lead to data corruption and crashes. This occurs when a concurrent task makes an allocation with the same vaddr and adds it to the devres list between the time dmam free coherent() frees a DMA allocation and calls devres destroy() to remove and free the data structure used to track the DMA allocation. As a result, there can be two entries in the devres list with the same vaddr, and devres destroy() can free the wrong entry, triggering the WARN ON() in dmam match. The fix involves destroying the devres entry before freeing the DMA allocation.Recommendations
To resolve the issue, update the Linux kernel to version 6.6.50 or later.
As a temporary workaround, consider restricting concurrent tasks during kernel operations to minimize the risk of exploitation.
Exploit
Fix
Allocation of Resources Without Limits
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu