Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-36965— remoteproc: mediatek: Make sure IPI buffer fits in L2TCM

EPSS 0.02% · P6

Affected Version Matrix 14

VendorProductVersion RangeStatus
LinuxLinux3efa0ea743b77d1611501f7d8b4f320d032d73ae< 00548ac6b14428719c970ef90adae2b3b48c0cdfaffected
3efa0ea743b77d1611501f7d8b4f320d032d73ae< 1d9e2de24533daca36cbf09e8d8596bf72b526b2affected
3efa0ea743b77d1611501f7d8b4f320d032d73ae< 26c6d7dc8c6a9fde9d362ab2eef6390efeff145eaffected
3efa0ea743b77d1611501f7d8b4f320d032d73ae< 838b49e211d59fa827ff9df062d4020917cffbdfaffected
3efa0ea743b77d1611501f7d8b4f320d032d73ae< 36c79eb4845551e9f6d28c663b38ce0ab03b84a9affected
3efa0ea743b77d1611501f7d8b4f320d032d73ae< 331f91d86f71d0bb89a44217cc0b2a22810bbd42affected
5.11affected
< 5.11unaffected
… +6 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-36965

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the devicetree node is large enough for that, and while this is especially true for multi-core SCP, it's still useful to check on single-core variants as well. Failing to perform this check may make this driver perform R/W operations out of the L2TCM boundary, resulting (at best) in a kernel panic. To fix that, check that the IPI buffer fits, otherwise return a failure and refuse to boot the relevant SCP core (or the SCP at all, if this is single core).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于remoteproc mediatek中存在安全问题,可能导致内核崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 3efa0ea743b77d1611501f7d8b4f320d032d73ae ~ 00548ac6b14428719c970ef90adae2b3b48c0cdf -
LinuxLinux 5.11 -

II. Public POCs for CVE-2024-36965

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-36965

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-06-08 · 6 CVEs total

CVE-2024-36966erofs: reliably distinguish block based and fscache mode
CVE-2024-36967KEYS: trusted: Fix memory leak in tpm2_key_encode()
CVE-2024-36968Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
CVE-2024-36969drm/amd/display: Fix division by zero in setup_dsc_config
CVE-2024-36970wifi: iwlwifi: Use request_module_nowait

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-36965

No comments yet

Leave a comment