TLDR:
Researchers discovered a vulnerability in the Linux kernel’s dmam_free_coherent() function, leading to a race condition that could cause system instabilities. This vulnerability allows attackers to bypass CPU and write on memory. A patch has been released to address the issue by swapping the order of function calls.
Researchers found a vulnerability in the Linux kernel’s dmam_free_coherent() function due to a race condition caused by improper order of operations when freeing DMA allocations.
The vulnerability allows attackers to bypass the CPU and write on memory, potentially leading to system instabilities.
A new patch has been released to address the vulnerability by swapping the order of function calls and preventing potential issues with DMA allocations.
Exploiting the vulnerability to write arbitrary data into CPU memory would be complex and highly dependent on system configurations and additional vulnerabilities.
The patch has been tested and approved for inclusion in the mainline Linux kernel, demonstrating ongoing efforts to ensure a stable and reliable operating system for users worldwide.