Executive Summary

Informations
Name CVE-2024-50297 First vendor Publication 2024-11-19
Vendor Cve Last vendor Modification 2024-11-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

net: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts

Enqueue packets in dql after dma engine starts causes race condition. Tx transfer starts once dma engine is started and may execute dql dequeue in completion before it gets queued. It results in following kernel crash while running iperf stress test:

kernel BUG at lib/dynamic_queue_limits.c:99! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP pc : dql_completed+0x238/0x248 lr : dql_completed+0x3c/0x248

Call trace:
dql_completed+0x238/0x248
axienet_dma_tx_cb+0xa0/0x170
xilinx_dma_do_tasklet+0xdc/0x290
tasklet_action_common+0xf8/0x11c
tasklet_action+0x30/0x3c
handle_softirqs+0xf8/0x230

Start dmaengine after enqueue in dql fixes the crash.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50297

Sources (Detail)

https://git.kernel.org/stable/c/5ccdcdf186aec6b9111845fd37e1757e9b413e2f
https://git.kernel.org/stable/c/def3dee25cbd1c9b2ed443c3f6180e952563de77
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2024-11-20 03:02:01
  • Multiple Updates
2024-11-20 03:01:15
  • Multiple Updates
2024-11-20 00:20:28
  • Multiple Updates
2024-11-19 09:20:28
  • First insertion