CVE-2024-44976

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the ata: pata macio component. The issue was caused by a commit that increased max segment size to 64KB, which led to a DMA table overflow when a sufficiently large request was made. This overflow triggered a BUG ON() exception, causing the system to crash. The bug was reported by Kolbjørn and Jonáš, who experienced crashes on their 32-bit PowerMacs. The vulnerability can be exploited when the request size exceeds the limit set by max sectors kb, which can be increased by some distros using udev rules.

Recommendations To fix the bug for 4KB kernels, revert to the old max segment size. For 64KB kernels, halve the sg tablesize to allow for the possibility that each sg will be split into two commands.