Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-40963
HistoryJul 12, 2024 - 1:15 p.m.

CVE-2024-40963

2024-07-1213:15:18
Debian Security Bug Tracker
security-tracker.debian.org
11
linux kernel
cve-2024-40963
vulnerability
mips
bmips
bcm6358
cbr address

AI Score

6.8

Confidence

High

EPSS

0

Percentile

10.6%

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: make sure CBR is correctly set It was discovered that some device have CBR address set to 0 causing kernel panic when arch_sync_dma_for_cpu_all is called. This was notice in situation where the system is booted from TP1 and BMIPS_GET_CBR() returns 0 instead of a valid address and !!(read_c0_brcm_cmt_local() & (1 << 31)); not failing. The current check whether RAC flush should be disabled or not are not enough hence lets check if CBR is a valid address or not.

AI Score

6.8

Confidence

High

EPSS

0

Percentile

10.6%