CVE-2024-50297
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Published Nov 19, 2024
Updated: Nov 27, 2024
CWE ID 362
Summary
[CVE-2024-50297] The Linux kernel contains a vulnerability in the axienet driver for Xilinx devices. This issue is related to enqueueing Tx packets in the data queueing list (dql) before the dmaengine starts. A race condition occurs as a result, causing the kernel to crash during an iperf stress test. The crash is characterized by a BUG report with an internal error, and is traced back to the dql_completed function. Resolving this vulnerability involves starting the dmaengine after enqueueing in dql to prevent the race condition and subsequent crash.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX