CVE-2024-35833

dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA

This dma_alloc_coherent() is undone neither in the remove function, nor in
the error handling path of fsl_qdma_probe().

Switch to the managed version to fix both issues.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dmaengine: fsl-qdma: corregida una pérdida de memoria relacionada con el comando de cola DMA. Este dma_alloc_coherent() no se deshace ni en la función de eliminación ni en la ruta de manejo de errores de fsl_qdma_probe() . Cambie a la versión administrada para solucionar ambos problemas.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-17 CVE Published
2024-05-18 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/b092529e0aa09829a6404424ce167bf3ce3235e2	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/1c75fe450b5200c78f4a102a0eb8e15d8f1ccda8	2024-02-23
https://git.kernel.org/stable/c/ae6769ba51417c1c86fb645812d5bff455eee802	2024-02-23
https://git.kernel.org/stable/c/15eb996d7d13cb72a16389231945ada8f0fef2c3	2024-02-23
https://git.kernel.org/stable/c/25ab4d72eb7cbfa0f3d97a139a9b2bfcaa72dd59	2024-02-16
https://git.kernel.org/stable/c/5cd8a51517ce15edbdcea4fc74c4c127ddaa1bd6	2024-02-16
https://git.kernel.org/stable/c/198270de9d8eb3b5d5f030825ea303ef95285d24	2024-02-16
https://git.kernel.org/stable/c/3aa58cb51318e329d203857f7a191678e60bb714	2024-01-22

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 5.4.269 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.4.269"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 5.10.210 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.10.210"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 5.15.149 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 5.15.149"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 6.1.78 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.1.78"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 6.6.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.6.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 6.7.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.7.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.1 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.1 < 6.8"		en		Affected