Impact
A logic error in the Linux kernel’s tegra124‑emc memory driver inverted the test controlling the Direct Load Lock (DLL). The DLL should be enabled when bit A0 is low; the incorrect test caused the DLL to be enabled or disabled incorrectly, leading to improper memory timing. This misconfiguration can corrupt data or cause the kernel to crash, resulting in a denial‑of‑service condition for the affected system.
Affected Systems
Linux kernels that include the tegra124‑emc driver before the commit that corrected the DLL check are vulnerable. Users of any distribution or custom kernel built from a source tree that predates the fix will remain affected until the driver is updated.
Risk and Exploitability
The EPSS score is below 1 % and the vulnerability is not listed in the CISA KEV catalog, indicating a low probability of exploitation. The CVSS score of 9.8 indicates critical severity. Based on the description, it is inferred that an attacker would need local or kernel‑level access to trigger the flaw, making remote exploitation unlikely. If exploited, the kernel could crash or exhibit memory corruption, delivering a denial‑of‑service effect.
OpenCVE Enrichment
Debian DLA