PT-2025-3314 · Linux+7 · Linux Kernel+7
Chen Ridong
·
Published
2024-01-06
·
Updated
2025-12-16
·
CVE-2024-56767
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A null pointer dereference issue has been resolved in the Linux kernel's dmaengine, specifically in the at xdmac component. The
at xdmac memset create desc function may return NULL, leading to a null pointer dereference. This can occur when the len input is incorrect or when the atchan->free descs list is empty and memory is exhausted. A check has been added to prevent this issue.Recommendations
For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider adding a check to avoid null pointer dereferences in the
at xdmac prep dma memset function until a patch is available. Restrict access to the at xdmac component to minimize the risk of exploitation. Avoid using the len input in the affected at xdmac memset create desc function until the issue is resolved.Exploit
Fix
Use After Free
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu