cve-2024-53127
Vulnerability from cvelistv5
Published
2024-12-04 14:20
Modified
2024-12-05 11:30
Severity ?
EPSS score ?
Summary
Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/mmc/host/dw_mmc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "00bff71745bc",
"status": "affected",
"version": "32bd402f6760",
"versionType": "git"
},
{
"lessThan": "8f9416147d7e",
"status": "affected",
"version": "373f8f5b087f",
"versionType": "git"
},
{
"lessThan": "56de724c58c0",
"status": "affected",
"version": "5b4bf3948875",
"versionType": "git"
},
{
"lessThan": "a4685366f074",
"status": "affected",
"version": "8396c793ffdf",
"versionType": "git"
},
{
"lessThan": "1635e407a4a6",
"status": "affected",
"version": "8396c793ffdf",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/mmc/host/dw_mmc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.11"
},
{
"lessThan": "6.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.325",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.119",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.63",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K\"\n\nThe commit 8396c793ffdf (\"mmc: dw_mmc: Fix IDMAC operation with pages\nbigger than 4K\") increased the max_req_size, even for 4K pages, causing\nvarious issues:\n- Panic booting the kernel/rootfs from an SD card on Rockchip RK3566\n- Panic booting the kernel/rootfs from an SD card on StarFive JH7100\n- \"swiotlb buffer is full\" and data corruption on StarFive JH7110\n\nAt this stage no fix have been found, so it\u0027s probably better to just\nrevert the change.\n\nThis reverts commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T11:30:02.980Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/00bff71745bc3583bd5ca59be91e0ee1d27f1944"
},
{
"url": "https://git.kernel.org/stable/c/8f9416147d7ed414109d3501f1cb3d7a1735b25a"
},
{
"url": "https://git.kernel.org/stable/c/56de724c58c07a7ca3aac027cfd2ccb184ed9e4e"
},
{
"url": "https://git.kernel.org/stable/c/a4685366f07448420badb710ff5c12aaaadf63ad"
},
{
"url": "https://git.kernel.org/stable/c/1635e407a4a64d08a8517ac59ca14ad4fc785e75"
}
],
"title": "Revert \"mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K\"",
"x_generator": {
"engine": "bippy-8e903de6a542"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-53127",
"datePublished": "2024-12-04T14:20:31.547Z",
"dateReserved": "2024-11-19T17:17:24.995Z",
"dateUpdated": "2024-12-05T11:30:02.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-53127\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-12-04T15:15:12.637\",\"lastModified\":\"2024-12-11T17:30:25.387\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRevert \\\"mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K\\\"\\n\\nThe commit 8396c793ffdf (\\\"mmc: dw_mmc: Fix IDMAC operation with pages\\nbigger than 4K\\\") increased the max_req_size, even for 4K pages, causing\\nvarious issues:\\n- Panic booting the kernel/rootfs from an SD card on Rockchip RK3566\\n- Panic booting the kernel/rootfs from an SD card on StarFive JH7100\\n- \\\"swiotlb buffer is full\\\" and data corruption on StarFive JH7110\\n\\nAt this stage no fix have been found, so it\u0027s probably better to just\\nrevert the change.\\n\\nThis reverts commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Revertir \\\"mmc: dw_mmc: Fix IDMAC operaci\u00f3n con p\u00e1ginas mayores a 4K\\\" el commit 8396c793ffdf (\\\"mmc: dw_mmc: Fix IDMAC operaci\u00f3n con p\u00e1ginas mayores a 4K\\\") aument\u00f3 el max_req_size, incluso para p\u00e1ginas de 4K, causando varios problemas: - Arranque de p\u00e1nico del kernel/rootfs desde una tarjeta SD en Rockchip RK3566 - Arranque de p\u00e1nico del kernel/rootfs desde una tarjeta SD en StarFive JH7100 - \\\"El b\u00fafer swiotlb est\u00e1 lleno\\\" y corrupci\u00f3n de datos en StarFive JH7110 En esta etapa no se ha encontrado ninguna soluci\u00f3n, por lo que probablemente sea mejor simplemente revertir el cambio. Esto revierte el commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19.322\",\"versionEndExcluding\":\"4.20\",\"matchCriteriaId\":\"A3FCD7A0-ABE5-49E8-A47C-F0169215C4B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.110\",\"versionEndExcluding\":\"6.1.119\",\"matchCriteriaId\":\"2CBF5FEE-FA65-4175-A79C-A4BC95F455FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6.51\",\"versionEndExcluding\":\"6.6.63\",\"matchCriteriaId\":\"65D69377-4D8D-42CE-8449-8C96D02515A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.11\",\"versionEndExcluding\":\"6.11.10\",\"matchCriteriaId\":\"D04DE94B-7655-4F33-96C5-47B09FF8D844\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/00bff71745bc3583bd5ca59be91e0ee1d27f1944\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1635e407a4a64d08a8517ac59ca14ad4fc785e75\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/56de724c58c07a7ca3aac027cfd2ccb184ed9e4e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8f9416147d7ed414109d3501f1cb3d7a1735b25a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a4685366f07448420badb710ff5c12aaaadf63ad\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.