Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2024-40963
HistoryJul 12, 2024 - 12:32 p.m.

CVE-2024-40963 mips: bmips: BCM6358: make sure CBR is correctly set

2024-07-1212:32:04
Linux
github.com
linux kernel
vulnerability resolved
cbr address
kernel panic
tp1
bmips_get_cbr()
rac flush
address validation fix

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

mips: bmips: BCM6358: make sure CBR is correctly set

It was discovered that some device have CBR address set to 0 causing
kernel panic when arch_sync_dma_for_cpu_all is called.

This was notice in situation where the system is booted from TP1 and
BMIPS_GET_CBR() returns 0 instead of a valid address and
!!(read_c0_brcm_cmt_local() & (1 << 31)); not failing.

The current check whether RAC flush should be disabled or not are not
enough hence lets check if CBR is a valid address or not.

Related

nvd 1
cvelist 1
debiancve 1
redhatcve 1
osv 15
cve 1
ubuntucve 1
nessus 16
openvas 13
oraclelinux 3
nvd
nvd
CVE-2024-40963
2024-07-12 13:15:18
cvelist
cvelist
CVE-2024-40963 mips: bmips: BCM6358: make sure CBR is correctly set
2024-07-12 12:32:04
debiancve
debiancve
CVE-2024-40963
2024-07-12 13:15:18
redhatcve
redhatcve
CVE-2024-40963
2024-07-16 16:57:19
osv
osv
CVE-2024-40963
2024-07-12 13:15:00
linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gkeop, linux-ibm, linux-kvm, linux-oracle vulnerabilities
2024-09-12 09:40:42
linux-xilinx-zynqmp vulnerabilities
2024-09-13 08:01:57
cve
cve
CVE-2024-40963
2024-07-12 13:15:18
ubuntucve
ubuntucve
CVE-2024-40963
2024-07-12 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-1)
2024-09-12 00:00:00
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7003-3)
2024-09-13 00:00:00
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12612)
2024-09-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7003-1)
2024-09-12 00:00:00
Ubuntu: Security Advisory (USN-7003-3)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7003-2)
2024-09-12 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-09-10 00:00:00
Unbreakable Enterprise kernel-container security update
2024-09-11 00:00:00
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2024-40963
nvd1cvelist1debiancve1redhatcve1osv15cve1ubuntucve1nessus16openvas13oraclelinux3