Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-38629
HistoryJun 21, 2024 - 10:18 a.m.

CVE-2024-38629 dmaengine: idxd: Avoid unnecessary destruction of file_ida

2024-06-2110:18:20
Linux
www.cve.org
2
linux kernel
cve-2024-38629
vulnerability

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: idxd: Avoid unnecessary destruction of file_ida

file_ida is allocated during cdev open and is freed accordingly
during cdev release. This sequence is guaranteed by driver file
operations. Therefore, there is no need to destroy an already empty
file_ida when the WQ cdev is removed.

Worse, ida_free() in cdev release may happen after destruction of
file_ida per WQ cdev. This can lead to accessing an id in file_ida
after it has been destroyed, resulting in a kernel panic.

Remove ida_destroy(&file_ida) to address these issues.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/dma/idxd/cdev.c"
    ],
    "versions": [
      {
        "version": "e6fd6d7e5f0f",
        "lessThan": "9eb15f24a0b9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e6fd6d7e5f0f",
        "lessThan": "15edb906211b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e6fd6d7e5f0f",
        "lessThan": "76e43fa6a456",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/dma/idxd/cdev.c"
    ],
    "versions": [
      {
        "version": "6.4",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.4",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.33",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.9.4",
        "lessThanOrEqual": "6.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10-rc1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

nvd 1
vulnrichment 1
cve 1
ubuntucve 1
debiancve 1
redhatcve 1
nvd
nvd
CVE-2024-38629
2024-06-21 11:15:11
vulnrichment
vulnrichment
CVE-2024-38629 dmaengine: idxd: Avoid unnecessary destruction of file_ida
2024-06-21 10:18:20
cve
cve
CVE-2024-38629
2024-06-21 11:15:11
ubuntucve
ubuntucve
CVE-2024-38629
2024-06-25 00:00:00
debiancve
debiancve
CVE-2024-38629
2024-06-21 11:15:11
redhatcve
redhatcve
CVE-2024-38629
2024-06-21 19:53:26

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for CVELIST:CVE-2024-38629
nvd1vulnrichment1cve1ubuntucve1debiancve1redhatcve1