Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-j7sw-qch3-huh1
Vulnerability ID VCID-j7sw-qch3-huh1
Aliases CVE-2024-27408
Summary In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 5.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27408.json
epss 0.00014 https://api.first.org/data/v1/epss?cve=CVE-2024-27408
epss 0.00014 https://api.first.org/data/v1/epss?cve=CVE-2024-27408
epss 0.00014 https://api.first.org/data/v1/epss?cve=CVE-2024-27408
cvssv3.1 2.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc Track https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
ssvc Track https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3
ssvc Track https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27408.json
https://api.first.org/data/v1/epss?cve=CVE-2024-27408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27408
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2281117 https://bugzilla.redhat.com/show_bug.cgi?id=2281117
bbcc1c83f343e580c3aa1f2a8593343bf7b55bba https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3 https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3
f396b4df27cfe01a99f4b41f584c49e56477be3a https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27408.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T16:00:32Z/ Found at https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T16:00:32Z/ Found at https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T16:00:32Z/ Found at https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a
Exploit Prediction Scoring System (EPSS)
Percentile 0.02729
EPSS Score 0.00014
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:50:20.128623+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0