CVE-2024-46716

Sept. 20, 2024, 12:30 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In consequence replace list_add_tail with list_move_tail in msgdma_free_descriptor. This fixes the path: msgdma_free_chan_resources -> msgdma_free_descriptors -> msgdma_free_desc_list -> msgdma_free_descriptor which does not correctly free the descriptors as first nodes were not removed from the list.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/20bf2920a869f9dbda0ef8c94c87d1901a64a716
https://git.kernel.org/stable/c/54e4ada1a4206f878e345ae01cf37347d803d1b1
https://git.kernel.org/stable/c/a3480e59fdbe5585d2d1eff0bed7671583acf725
https://git.kernel.org/stable/c/db67686676c7becc1910bf1d6d51505876821863

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-09-18
CVE-2024-46716

Timeline

Published: Sept. 18, 2024, 7:15 a.m.
Last Modified: Sept. 20, 2024, 12:30 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.