Linux flaw lets hackers skip CPU, write on memory undetected

August 19, 2024
1 min read

TLDR:

Researchers discovered a vulnerability in the Linux kernel’s dmam_free_coherent() function, leading to a race condition that could cause system instabilities. This vulnerability allows attackers to bypass CPU and write on memory. A patch has been released to address the issue by swapping the order of function calls.

Researchers found a vulnerability in the Linux kernel’s dmam_free_coherent() function due to a race condition caused by improper order of operations when freeing DMA allocations.

The vulnerability allows attackers to bypass the CPU and write on memory, potentially leading to system instabilities.

A new patch has been released to address the vulnerability by swapping the order of function calls and preventing potential issues with DMA allocations.

Exploiting the vulnerability to write arbitrary data into CPU memory would be complex and highly dependent on system configurations and additional vulnerabilities.

The patch has been tested and approved for inclusion in the mainline Linux kernel, demonstrating ongoing efforts to ensure a stable and reliable operating system for users worldwide.

Latest from Blog

Top 20 Linux Admin Tools for 2024

TLDR: Top Linux Admin Tools in 2024 Key points: Linux admin tools streamline system configurations, performance monitoring, and security management. Popular Linux admin tools include Webmin, Puppet, Zabbix, Nagios, and Ansible. Summary

Bogus job tempts aerospace, energy workers

TLDR: A North Korean cyberespionage group is posing as job recruiters to target employees in aerospace and energy sectors. Mandiant reports that the group uses fake job descriptions stored in malicious archives