{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T15:37:39.882","vulnerabilities":[{"cve":{"id":"CVE-2024-26680","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-04-02T07:15:44.490","lastModified":"2025-03-17T15:42:06.147","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: Fix DMA mapping for PTP hwts ring\n\nFunction aq_ring_hwts_rx_alloc() maps extra AQ_CFG_RXDS_DEF bytes\nfor PTP HWTS ring but then generic aq_ring_free() does not take this\ninto account.\nCreate and use a specific function to free HWTS ring to fix this\nissue.\n\nTrace:\n[  215.351607] ------------[ cut here ]------------\n[  215.351612] DMA-API: atlantic 0000:4b:00.0: device driver frees DMA memory with different size [device address=0x00000000fbdd0000] [map size=34816 bytes] [unmap size=32768 bytes]\n[  215.351635] WARNING: CPU: 33 PID: 10759 at kernel/dma/debug.c:988 check_unmap+0xa6f/0x2360\n...\n[  215.581176] Call Trace:\n[  215.583632]  <TASK>\n[  215.585745]  ? show_trace_log_lvl+0x1c4/0x2df\n[  215.590114]  ? show_trace_log_lvl+0x1c4/0x2df\n[  215.594497]  ? debug_dma_free_coherent+0x196/0x210\n[  215.599305]  ? check_unmap+0xa6f/0x2360\n[  215.603147]  ? __warn+0xca/0x1d0\n[  215.606391]  ? check_unmap+0xa6f/0x2360\n[  215.610237]  ? report_bug+0x1ef/0x370\n[  215.613921]  ? handle_bug+0x3c/0x70\n[  215.617423]  ? exc_invalid_op+0x14/0x50\n[  215.621269]  ? asm_exc_invalid_op+0x16/0x20\n[  215.625480]  ? check_unmap+0xa6f/0x2360\n[  215.629331]  ? mark_lock.part.0+0xca/0xa40\n[  215.633445]  debug_dma_free_coherent+0x196/0x210\n[  215.638079]  ? __pfx_debug_dma_free_coherent+0x10/0x10\n[  215.643242]  ? slab_free_freelist_hook+0x11d/0x1d0\n[  215.648060]  dma_free_attrs+0x6d/0x130\n[  215.651834]  aq_ring_free+0x193/0x290 [atlantic]\n[  215.656487]  aq_ptp_ring_free+0x67/0x110 [atlantic]\n...\n[  216.127540] ---[ end trace 6467e5964dd2640b ]---\n[  216.132160] DMA-API: Mapped at:\n[  216.132162]  debug_dma_alloc_coherent+0x66/0x2f0\n[  216.132165]  dma_alloc_attrs+0xf5/0x1b0\n[  216.132168]  aq_ring_hwts_rx_alloc+0x150/0x1f0 [atlantic]\n[  216.132193]  aq_ptp_ring_alloc+0x1bb/0x540 [atlantic]\n[  216.132213]  aq_nic_init+0x4a1/0x760 [atlantic]"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: atlantic: corrige el mapeo DMA para el anillo PTP hwts. La función aq_ring_hwts_rx_alloc() asigna bytes AQ_CFG_RXDS_DEF adicionales para el anillo PTP HWTS, pero luego el aq_ring_free() genérico no tiene esto en cuenta. Cree y utilice una función específica para liberar el anillo HWTS y solucionar este problema. Seguimiento: [215.351607] ------------[ cortar aquí ]------------ [ 215.351612] DMA-API: atlantic 0000:4b:00.0: el controlador de dispositivo se libera Memoria DMA con diferente tamaño [dirección del dispositivo=0x00000000fbdd0000] [tamaño del mapa=34816 bytes] [tamaño de desasignación=32768 bytes] [215.351635] ADVERTENCIA: CPU: 33 PID: 10759 en kernel/dma/debug.c:988 check_unmap+0xa6f/ 0x2360... [215.581176] Seguimiento de llamadas: [215.583632]  [215.585745]? show_trace_log_lvl+0x1c4/0x2df [215.590114]? show_trace_log_lvl+0x1c4/0x2df [215.594497]? debug_dma_free_coherent+0x196/0x210 [215.599305]? check_unmap+0xa6f/0x2360 [215.603147]? __advertir+0xca/0x1d0 [215.606391] ? check_unmap+0xa6f/0x2360 [215.610237]? report_bug+0x1ef/0x370 [215.613921]? handle_bug+0x3c/0x70 [215.617423]? exc_invalid_op+0x14/0x50 [215.621269]? asm_exc_invalid_op+0x16/0x20 [215.625480]? check_unmap+0xa6f/0x2360 [215.629331]? mark_lock.part.0+0xca/0xa40 [215.633445] debug_dma_free_coherent+0x196/0x210 [215.638079]? __pfx_debug_dma_free_coherent+0x10/0x10 [215.643242] ? slab_free_freelist_hook+0x11d/0x1d0 [ 215.648060] dma_free_attrs+0x6d/0x130 [ 215.651834] aq_ring_free+0x193/0x290 [atlántico] [ 215.656487] aq_ptp_ring_free+0x67/0x110 [atlántico]... [216.127540] ---[fin de seguimiento 6467e5964dd2640b]- -- [ 216.132160] DMA-API: Asignado en: [ 216.132162] debug_dma_alloc_coherent+0x66/0x2f0 [ 216.132165] dma_alloc_attrs+0xf5/0x1b0 [ 216.132168] aq_ring_hwts_rx_alloc+0x150 /0x1f0 [atlántico] [ 216.132193] aq_ptp_ring_alloc+0x1bb/0x540 [atlántico] [216.132213] aq_nic_init+0x4a1/0x760 [atlántico]"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"6.1.78","matchCriteriaId":"FBEFF50A-3584-4FBB-A174-912E8023B334"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.17","matchCriteriaId":"73F8C6ED-5A0B-4B25-8FA9-AF916A9C8F0B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.7.5","matchCriteriaId":"01925741-2C95-47C1-A7EA-3DC2BB0012D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*","matchCriteriaId":"B9F4EA73-0894-400F-A490-3A397AB7A517"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*","matchCriteriaId":"056BD938-0A27-4569-B391-30578B309EE3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*","matchCriteriaId":"F02056A5-B362-4370-9FF8-6F0BD384D520"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/004fe5b7f59286a926a45e0cafc7870e9cdddd56","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2e7d3b67630dfd8f178c41fa2217aa00e79a5887","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/466ceebe48cbba3f4506f165fca7111f9eb8bb12","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e42e334c645575be5432adee224975d4f536fdb1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/004fe5b7f59286a926a45e0cafc7870e9cdddd56","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2e7d3b67630dfd8f178c41fa2217aa00e79a5887","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/466ceebe48cbba3f4506f165fca7111f9eb8bb12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e42e334c645575be5432adee224975d4f536fdb1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}