Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2024-26787): Linux kernel vulnerabilities

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2024-26787): Linux kernel vulnerabilities

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

04/04/2024

Created

07/02/2024

Added

07/01/2024

Modified

07/15/2024

Description

In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST, overlapping mappings aren't supported WARNING: CPU: 1 PID: 51 at kernel/dma/debug.c:568 add_dma_entry+0x234/0x2f4 Modules linked in: CPU: 1 PID: 51 Comm: kworker/1:2 Not tainted 6.1.28 #1 Hardware name: STMicroelectronics STM32MP257F-EV1 Evaluation Board (DT) Workqueue: events_freezable mmc_rescan Call trace: add_dma_entry+0x234/0x2f4 debug_dma_map_sg+0x198/0x350 __dma_map_sg_attrs+0xa0/0x110 dma_map_sg_attrs+0x10/0x2c sdmmc_idma_prep_data+0x80/0xc0 mmci_prep_data+0x38/0x84 mmci_start_data+0x108/0x2dc mmci_request+0xe4/0x190 __mmc_start_request+0x68/0x140 mmc_start_request+0x94/0xc0 mmc_wait_for_req+0x70/0x100 mmc_send_tuning+0x108/0x1ac sdmmc_execute_tuning+0x14c/0x210 mmc_execute_tuning+0x48/0xec mmc_sd_init_uhs_card.part.0+0x208/0x464 mmc_sd_init_card+0x318/0x89c mmc_attach_sd+0xe4/0x180 mmc_rescan+0x244/0x320 DMA API debug brings to light leaking dma-mappings as dma_map_sg and dma_unmap_sg are not correctly balanced. If an error occurs in mmci_cmd_irq function, only mmci_dma_error function is called and as this API is not managed on stm32 variant, dma_unmap_sg is never called in this error path.

Solution(s)

ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp
ubuntu-upgrade-linux-image-5-15-0-1046-gkeop
ubuntu-upgrade-linux-image-5-15-0-1056-ibm
ubuntu-upgrade-linux-image-5-15-0-1057-ibm
ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg
ubuntu-upgrade-linux-image-5-15-0-1058-nvidia
ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency
ubuntu-upgrade-linux-image-5-15-0-1060-gke
ubuntu-upgrade-linux-image-5-15-0-1060-kvm
ubuntu-upgrade-linux-image-5-15-0-1061-oracle
ubuntu-upgrade-linux-image-5-15-0-1062-gcp
ubuntu-upgrade-linux-image-5-15-0-1063-aws
ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde
ubuntu-upgrade-linux-image-5-15-0-1066-azure
ubuntu-upgrade-linux-image-5-15-0-110-lowlatency
ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k
ubuntu-upgrade-linux-image-5-15-0-112-generic
ubuntu-upgrade-linux-image-5-15-0-112-generic-64k
ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae
ubuntu-upgrade-linux-image-5-15-0-113-generic
ubuntu-upgrade-linux-image-5-15-0-113-generic-64k
ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae
ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-aws-lts-22-04
ubuntu-upgrade-linux-image-azure-fde-lts-22-04
ubuntu-upgrade-linux-image-azure-lts-22-04
ubuntu-upgrade-linux-image-gcp
ubuntu-upgrade-linux-image-gcp-lts-22-04
ubuntu-upgrade-linux-image-generic
ubuntu-upgrade-linux-image-generic-64k
ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
ubuntu-upgrade-linux-image-generic-hwe-20-04
ubuntu-upgrade-linux-image-generic-lpae
ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
ubuntu-upgrade-linux-image-gke
ubuntu-upgrade-linux-image-gke-5-15
ubuntu-upgrade-linux-image-gkeop
ubuntu-upgrade-linux-image-gkeop-5-15
ubuntu-upgrade-linux-image-ibm
ubuntu-upgrade-linux-image-intel
ubuntu-upgrade-linux-image-intel-iotg
ubuntu-upgrade-linux-image-kvm
ubuntu-upgrade-linux-image-lowlatency
ubuntu-upgrade-linux-image-lowlatency-64k
ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
ubuntu-upgrade-linux-image-nvidia
ubuntu-upgrade-linux-image-nvidia-lowlatency
ubuntu-upgrade-linux-image-oem-20-04
ubuntu-upgrade-linux-image-oem-20-04b
ubuntu-upgrade-linux-image-oem-20-04c
ubuntu-upgrade-linux-image-oem-20-04d
ubuntu-upgrade-linux-image-oracle-lts-22-04
ubuntu-upgrade-linux-image-virtual
ubuntu-upgrade-linux-image-virtual-hwe-20-04
ubuntu-upgrade-linux-image-xilinx-zynqmp

References

https://attackerkb.com/topics/cve-2024-26787
CVE - 2024-26787
USN-6820-1
USN-6820-2
USN-6821-1
USN-6821-2
USN-6821-3
USN-6821-4
USN-6828-1
USN-6871-1
USN-6892-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2024-26787): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2024-26787): Linux kernel vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.