CVE-2024-27408

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-27408

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27408.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-27408

Downstream

BELL-CVE-2024-27408

DEBIAN-CVE-2024-27408

ECHO-1b35-7cf4-b42d

OESA-2024-1707

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2024-27408

Related

Published

2024-05-17T12:15:11Z

Modified

2025-09-18T17:31:49Z

Severity

4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup

The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.

References

Affected packages