CVE-2024-26790 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte unaligned read transactions by QDMA. Unaligned read transactions initiated by QDMA may stall in the NOC (Network On-Chip), causing a deadlock condition. Stalled transactions will trigger completion timeouts in PCIe controller. Workaround: Enable prefetch by setting the source descriptor prefetchable bit ( SD[PF] = 1 ). Implement this workaround.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce
https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa
https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da
https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367
https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e
https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471
https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024040400-CVE-2024-26790-a4a4@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-26790
https://www.cve.org/CVERecord?id=CVE-2024-26790

History

Thu, 19 Sep 2024 10:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-04T08:20:21.742Z

Updated: 2024-11-05T09:15:52.396Z

Reserved: 2024-02-19T14:20:24.178Z

Link: CVE-2024-26790

Vulnrichment

Updated: 2024-08-02T00:14:13.493Z

NVD

Status : Awaiting Analysis

Published: 2024-04-04T09:15:08.453

Modified: 2024-11-05T10:15:50.127

Link: CVE-2024-26790

Redhat

Severity : Moderate

Publid Date: 2024-04-04T00:00:00Z

Links: CVE-2024-26790 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26790", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.178Z", "datePublished": "2024-04-04T08:20:21.742Z", "dateUpdated": "2024-11-05T09:15:52.396Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:15:52.396Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read\n\nThere is chip (ls1028a) errata:\n\nThe SoC may hang on 16 byte unaligned read transactions by QDMA.\n\nUnaligned read transactions initiated by QDMA may stall in the NOC\n(Network On-Chip), causing a deadlock condition. Stalled transactions will\ntrigger completion timeouts in PCIe controller.\n\nWorkaround:\nEnable prefetch by setting the source descriptor prefetchable bit\n( SD[PF] = 1 ).\n\nImplement this workaround."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/fsl-qdma.c"], "versions": [{"version": "b092529e0aa0", "lessThan": "518d78b4fac6", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa0", "lessThan": "bb3a06e9b9a3", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa0", "lessThan": "106c1ac953a6", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa0", "lessThan": "237ecf1afe6c", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa0", "lessThan": "5b696e9c3882", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa0", "lessThan": "ad2f8920c314", "status": "affected", "versionType": "git"}, {"version": "b092529e0aa0", "lessThan": "9d739bccf261", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/fsl-qdma.c"], "versions": [{"version": "5.1", "status": "affected"}, {"version": "0", "lessThan": "5.1", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.271", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.212", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.151", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.81", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.21", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.9", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da"}, {"url": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580"}, {"url": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce"}, {"url": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa"}, {"url": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367"}, {"url": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471"}, {"url": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e"}], "title": "dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26790", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-04T16:24:55.798835Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:49:16.312Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.493Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.493Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26790", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-04T16:24:55.798835Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:22.126Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "b092529e0aa0", "lessThan": "518d78b4fac6", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa0", "lessThan": "bb3a06e9b9a3", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa0", "lessThan": "106c1ac953a6", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa0", "lessThan": "237ecf1afe6c", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa0", "lessThan": "5b696e9c3882", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa0", "lessThan": "ad2f8920c314", "versionType": "git"}, {"status": "affected", "version": "b092529e0aa0", "lessThan": "9d739bccf261", "versionType": "git"}], "programFiles": ["drivers/dma/fsl-qdma.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.1"}, {"status": "unaffected", "version": "0", "lessThan": "5.1", "versionType": "custom"}, {"status": "unaffected", "version": "5.4.271", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.212", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.151", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.81", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.21", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.9", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/dma/fsl-qdma.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da"}, {"url": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580"}, {"url": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce"}, {"url": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa"}, {"url": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367"}, {"url": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471"}, {"url": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read\n\nThere is chip (ls1028a) errata:\n\nThe SoC may hang on 16 byte unaligned read transactions by QDMA.\n\nUnaligned read transactions initiated by QDMA may stall in the NOC\n(Network On-Chip), causing a deadlock condition. Stalled transactions will\ntrigger completion timeouts in PCIe controller.\n\nWorkaround:\nEnable prefetch by setting the source descriptor prefetchable bit\n( SD[PF] = 1 ).\n\nImplement this workaround."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:22:47.059Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26790", "state": "PUBLISHED", "dateUpdated": "2024-08-02T00:14:13.493Z", "dateReserved": "2024-02-19T14:20:24.178Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-04T08:20:21.742Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read\n\nThere is chip (ls1028a) errata:\n\nThe SoC may hang on 16 byte unaligned read transactions by QDMA.\n\nUnaligned read transactions initiated by QDMA may stall in the NOC\n(Network On-Chip), causing a deadlock condition. Stalled transactions will\ntrigger completion timeouts in PCIe controller.\n\nWorkaround:\nEnable prefetch by setting the source descriptor prefetchable bit\n( SD[PF] = 1 ).\n\nImplement this workaround."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dmaengine: fsl-qdma: correcci\u00f3n El SoC puede bloquearse en lecturas no alineadas de 16 bytes. Hay erratas en el chip (ls1028a): El SoC puede bloquearse en transacciones de lectura no alineadas de 16 bytes mediante QDMA. Las transacciones de lectura no alineadas iniciadas por QDMA pueden detenerse en el NOC (Network On-Chip), provocando una condici\u00f3n de interbloqueo. Las transacciones detenidas activar\u00e1n tiempos de espera de finalizaci\u00f3n en el controlador PCIe. Soluci\u00f3n alternativa: habilite la captaci\u00f3n previa estableciendo el bit de captaci\u00f3n previa del descriptor de origen ( SD[PF] = 1 ). Implemente esta soluci\u00f3n."}], "id": "CVE-2024-26790", "lastModified": "2024-11-05T10:15:50.127", "metrics": {}, "published": "2024-04-04T09:15:08.453", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read", "id": "2273451", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273451"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read\nThere is chip (ls1028a) errata:\nThe SoC may hang on 16 byte unaligned read transactions by QDMA.\nUnaligned read transactions initiated by QDMA may stall in the NOC\n(Network On-Chip), causing a deadlock condition. Stalled transactions will\ntrigger completion timeouts in PCIe controller.\nWorkaround:\nEnable prefetch by setting the source descriptor prefetchable bit\n( SD[PF] = 1 ).\nImplement this workaround.", "A vulnerability was found in the Linux kernel's fsl-qdma driver, part of the DMA engine subsystem. This flaw could lead to a system-on-chip (SoC) hanging during a 16-byte unaligned read operation."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-26790", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26790\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26790\nhttps://lore.kernel.org/linux-cve-announce/2024040400-CVE-2024-26790-a4a4@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.4.271, kernel 5.10.212, kernel 5.15.151, kernel 6.1.81, kernel 6.6.21, kernel 6.7.9, kernel 6.8"}