CVE-2024-26790 in Linuxinfo

Summary

by MITRE • 04/04/2024

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read

There is chip (ls1028a) errata:

The SoC may hang on 16 byte unaligned read transactions by QDMA.

Unaligned read transactions initiated by QDMA may stall in the NOC (Network On-Chip), causing a deadlock condition. Stalled transactions will trigger completion timeouts in PCIe controller.

Workaround: Enable prefetch by setting the source descriptor prefetchable bit ( SD[PF] = 1 ).

Implement this workaround.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 08/04/2025

The vulnerability identified as CVE-2024-26790 affects the Linux kernel's dmaengine implementation specifically for the Freescale QDMA (QorIQ DMA) driver on the ls1028a System-on-Chip. This represents a critical hardware-level issue that manifests as a system hang condition during specific memory access patterns, fundamentally impacting system stability and reliability in embedded networking and communication applications. The flaw occurs within the QDMA subsystem's handling of memory transactions, creating a deadlock scenario that can bring entire systems to a halt.

The technical root cause stems from a hardware errata present in the ls1028a SoC where unaligned 16-byte read transactions initiated through the QDMA engine become stalled in the Network On-Chip (NOC) component. This stall condition creates a deadlock state where the transaction remains indefinitely blocked within the NOC fabric, preventing further processing and ultimately causing system-wide hangs. The issue is particularly severe because it affects the fundamental DMA operation mechanism, where the QDMA engine cannot properly complete its transaction processing when encountering these specific unaligned memory access patterns.

The operational impact of this vulnerability extends beyond simple system hangs to include complete system unresponsiveness that can persist until manual intervention or power cycle occurs. When PCIe controller completion timeouts are triggered as a secondary effect, the system may experience cascading failures where multiple subsystems become unresponsive, creating a complex failure scenario that can be difficult to diagnose and recover from. This vulnerability directly impacts embedded systems that rely heavily on QDMA for high-performance data movement operations, particularly in networking, storage, and industrial automation applications.

The recommended workaround involves enabling prefetch functionality by setting the source descriptor prefetchable bit (SD[PF] = 1) which provides a mechanism to avoid the problematic transaction path that leads to the NOC stall condition. This mitigation approach aligns with the broader principles of DMA transaction optimization and memory access pattern management as outlined in various embedded system design standards. The solution represents a software-based workaround that modifies the descriptor configuration to avoid triggering the hardware errata, though it may impact performance characteristics and memory bandwidth utilization. This approach demonstrates the typical methodology for addressing hardware-level limitations through software configuration changes, reflecting common practices in embedded systems security and reliability engineering. The vulnerability classification aligns with CWE-674, which addresses "Uncontrolled Resource Consumption" and "Improper Handling of Exceptional Conditions" in embedded system contexts, while the operational impact resembles ATT&CK technique T1499.004 for "Endpoint Denial of Service" through resource exhaustion or system hang conditions.

Reservation

02/19/2024

Disclosure

04/04/2024

Moderation

accepted

CPE

ready

EPSS

0.00173

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!