CVE - CVE-2024-36925

CVE-ID
CVE-2024-36925	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y Using restricted DMA pools (CONFIG_DMA_RESTRICTED_POOL=y) in conjunction with dynamic SWIOTLB (CONFIG_SWIOTLB_DYNAMIC=y) leads to the following crash when initialising the restricted pools at boot-time: \| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 \| Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP \| pc : rmem_swiotlb_device_init+0xfc/0x1ec \| lr : rmem_swiotlb_device_init+0xf0/0x1ec \| Call trace: \| rmem_swiotlb_device_init+0xfc/0x1ec \| of_reserved_mem_device_init_by_idx+0x18c/0x238 \| of_dma_configure_id+0x31c/0x33c \| platform_dma_configure+0x34/0x80 faddr2line reveals that the crash is in the list validation code: include/linux/list.h:83 include/linux/rculist.h:79 include/linux/rculist.h:106 kernel/dma/swiotlb.c:306 kernel/dma/swiotlb.c:1695 because add_mem_pool() is trying to list_add_rcu() to a NULL 'mem->pools'. Fix the crash by initialising the 'mem->pools' list_head in rmem_swiotlb_device_init() before calling add_mem_pool().
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/75961ffb5cb3e5196f19cae7683f35cc88b50800 URL:https://git.kernel.org/stable/c/75961ffb5cb3e5196f19cae7683f35cc88b50800 MISC:https://git.kernel.org/stable/c/f2a6b3ed20f2dea4cb645abc6a73c4595662adca URL:https://git.kernel.org/stable/c/f2a6b3ed20f2dea4cb645abc6a73c4595662adca MISC:https://git.kernel.org/stable/c/f62e0fefcdfe2c05ccb1aa80521a69524eea9c84 URL:https://git.kernel.org/stable/c/f62e0fefcdfe2c05ccb1aa80521a69524eea9c84
Assigning CNA
kernel.org
Date Record Created
20240530	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240530)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)