CVE-2024-47667

MEDIUM EPSS 10.8%
Published Oct 9, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 9, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) Errata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0 (SPRZ452D_July 2018_Revised December 2019 [1]) mentions when an inbound PCIe TLP spans more than two internal AXI 128-byte bursts, the bus may corrupt the packet payload and the corrupt data may cause associated applications or the processor to hang. The workaround for Errata #i2037 is to limit the maximum read request size and maximum payload size to 128 bytes. Add workaround for Errata #i2037 here. The errata and workaround is applicable only to AM65x SR 1.0 and later versions of the silicon will have this fixed. [1] -> https://www.ti.com/lit/er/sprz452i/sprz452i.pdf

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
10.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel* <5.4.284
linuxlinux_kernel*≥5.5  –  <5.10.226
linuxlinux_kernel*≥5.11  –  <5.15.167
linuxlinux_kernel*≥5.16  –  <6.1.110
linuxlinux_kernel*≥6.2  –  <6.6.51
linuxlinux_kernel*≥6.7  –  <6.10.10

References 8

  • git.kernel.org https://git.kernel.org/stable/c/135843c351c08df72bdd4b4ebea53c8052a76881
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/576d0fb6f8d4bd4695e70eee173a1b9c7bae9572
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86f271f22bbb6391410a07e08d6ca3757fda01fa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/af218c803fe298ddf00abef331aa526b20d7ea61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd47051c76c8acd8cb983f01b4d1265da29cb66a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ebbdbbc580c1695dec283d0ba6448729dc993246
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/135843c351c08df72bdd4b4ebea53c8052a76881
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/576d0fb6f8d4bd4695e70eee173a1b9c7bae9572
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86f271f22bbb6391410a07e08d6ca3757fda01fa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/af218c803fe298ddf00abef331aa526b20d7ea61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cfb006e185f64edbbdf7869eac352442bc76b8f6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dd47051c76c8acd8cb983f01b4d1265da29cb66a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ebbdbbc580c1695dec283d0ba6448729dc993246
    Patch