ghsa-xr85-qg34-q2mx
Vulnerability from github
Published
2024-11-19 03:31
Modified
2025-11-04 00:32
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

net: arc: fix the device for dma_map_single/dma_unmap_single

The ndev->dev and pdev->dev aren't the same device, use ndev->dev.parent which has dma_mask, ndev->dev.parent is just pdev->dev. Or it would cause the following issue:

[ 39.933526] ------------[ cut here ]------------ [ 39.938414] WARNING: CPU: 1 PID: 501 at kernel/dma/mapping.c:149 dma_map_page_attrs+0x90/0x1f8

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-50295"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-19T02:16:31Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: arc: fix the device for dma_map_single/dma_unmap_single\n\nThe ndev-\u003edev and pdev-\u003edev aren\u0027t the same device, use ndev-\u003edev.parent\nwhich has dma_mask, ndev-\u003edev.parent is just pdev-\u003edev.\nOr it would cause the following issue:\n\n[   39.933526] ------------[ cut here ]------------\n[   39.938414] WARNING: CPU: 1 PID: 501 at kernel/dma/mapping.c:149 dma_map_page_attrs+0x90/0x1f8",
  "id": "GHSA-xr85-qg34-q2mx",
  "modified": "2025-11-04T00:32:03Z",
  "published": "2024-11-19T03:31:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50295"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/30606ea3fae57f8e9f2467415389e988e3c53a18"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3898393b5483c8aa2efd7cb13aa70e22078ab022"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/71803c1dfa29e0d13b99e48fda11107cc8caebc7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8ed7a4a39c3f7cd9655af867e878fda512ae67ad"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cd4706d9ac0d8d3bab8dc9e50cc1187f6cfa43dd"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fd4e062fbc07156f8e9d73212d347c744572677e"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.