ghsa-5cwm-fg2p-g6pp
Vulnerability from github
Published
2024-12-04 15:31
Modified
2024-12-11 18:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K"

The commit 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") increased the max_req_size, even for 4K pages, causing various issues: - Panic booting the kernel/rootfs from an SD card on Rockchip RK3566 - Panic booting the kernel/rootfs from an SD card on StarFive JH7100 - "swiotlb buffer is full" and data corruption on StarFive JH7110

At this stage no fix have been found, so it's probably better to just revert the change.

This reverts commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-53127"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-04T15:15:12Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K\"\n\nThe commit 8396c793ffdf (\"mmc: dw_mmc: Fix IDMAC operation with pages\nbigger than 4K\") increased the max_req_size, even for 4K pages, causing\nvarious issues:\n- Panic booting the kernel/rootfs from an SD card on Rockchip RK3566\n- Panic booting the kernel/rootfs from an SD card on StarFive JH7100\n- \"swiotlb buffer is full\" and data corruption on StarFive JH7110\n\nAt this stage no fix have been found, so it\u0027s probably better to just\nrevert the change.\n\nThis reverts commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890.",
  "id": "GHSA-5cwm-fg2p-g6pp",
  "modified": "2024-12-11T18:30:38Z",
  "published": "2024-12-04T15:31:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53127"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/00bff71745bc3583bd5ca59be91e0ee1d27f1944"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1635e407a4a64d08a8517ac59ca14ad4fc785e75"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/56de724c58c07a7ca3aac027cfd2ccb184ed9e4e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8f9416147d7ed414109d3501f1cb3d7a1735b25a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a4685366f07448420badb710ff5c12aaaadf63ad"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.