CVE-2024-26790

dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read

Description

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte unaligned read transactions by QDMA. Unaligned read transactions initiated by QDMA may stall in the NOC (Network On-Chip), causing a deadlock condition. Stalled transactions will trigger completion timeouts in PCIe controller. Workaround: Enable prefetch by setting the source descriptor prefetchable bit ( SD[PF] = 1 ). Implement this workaround.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/518d78b4fac68cac29a263554d7f3b19da99d0da patch
https://git.kernel.org/stable/c/bb3a06e9b9a30e33d96aadc0e077be095a4f8580 patch
https://git.kernel.org/stable/c/106c1ac953a66556ec77456c46e818208d3a9bce patch
https://git.kernel.org/stable/c/237ecf1afe6c22534fa43abdf2bf0b0f52de0aaa patch
https://git.kernel.org/stable/c/5b696e9c388251f1c7373be92293769a489fd367 patch
https://git.kernel.org/stable/c/ad2f8920c314e0a2d9e984fc94b729eca3cda471 patch
https://git.kernel.org/stable/c/9d739bccf261dd93ec1babf82f5c5d71dd4caa3e patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-26790?
CVE-2024-26790 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26790?
To fix CVE-2024-26790, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26790 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26790 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26790?
CVE-2024-26790 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.