CVE-2024-47730

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. Therefore, the driver needs to inject the qm error to close the master ooo. Currently, the qm error is injected after stopping queue, memory may be released immediately after stopping queue, causing the device to access the released memory. Therefore, error is injected to close master ooo before stopping queue to ensure that the device does not access the released memory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

23 Oct 2024, 17:03

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
First Time Linux linux Kernel
Linux
CWE CWE-416
References () https://git.kernel.org/stable/c/98d3be34c9153eceadb56de50d9f9347e88d86e4 - () https://git.kernel.org/stable/c/98d3be34c9153eceadb56de50d9f9347e88d86e4 - Patch
References () https://git.kernel.org/stable/c/aa3e0db35a60002fb34ef0e4ad203aa59fd00203 - () https://git.kernel.org/stable/c/aa3e0db35a60002fb34ef0e4ad203aa59fd00203 - Patch
References () https://git.kernel.org/stable/c/b04f06fc0243600665b3b50253869533b7938468 - () https://git.kernel.org/stable/c/b04f06fc0243600665b3b50253869533b7938468 - Patch
References () https://git.kernel.org/stable/c/c5f5b813e546f7fe133539c3d7a5086cc8dd2aa1 - () https://git.kernel.org/stable/c/c5f5b813e546f7fe133539c3d7a5086cc8dd2aa1 - Patch
References () https://git.kernel.org/stable/c/f8024f12752e32ffbbf59e1c09d949f977ff743f - () https://git.kernel.org/stable/c/f8024f12752e32ffbbf59e1c09d949f977ff743f - Patch
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: hisilicon/qm - inyectar error antes de detener la cola El master ooo no se puede cerrar por completo cuando el núcleo del acelerador informa un error de memoria. Por lo tanto, el controlador debe inyectar el error qm para cerrar el master ooo. Actualmente, el error qm se inyecta después de detener la cola, la memoria puede liberarse inmediatamente después de detener la cola, lo que hace que el dispositivo acceda a la memoria liberada. Por lo tanto, se inyecta un error para cerrar el master ooo antes de detener la cola para garantizar que el dispositivo no acceda a la memoria liberada.

21 Oct 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-21 13:15

Updated : 2024-10-23 17:03


NVD link : CVE-2024-47730

Mitre link : CVE-2024-47730

CVE.ORG link : CVE-2024-47730


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free