Linux Kernel DMA Cleanup Vulnerability in sun8i-ce-cipher

Vulnerability

A vulnerability in the Linux kernel's sun8i-ce-cipher component has been addressed, related to improper error handling in the sun8i_ce_cipher_prepare() function. This issue could lead to the device driver attempting to free invalid DMA memory. The vulnerability arises when dma_map_sg() fails for the destination, causing the driver to incorrectly manage DMA memory. Similarly, if dma_map_single() for the initialization vector (IV) fails, the driver would attempt to free an invalid DMA address. These errors were observed in a module linked with the cryptographic cipher example.

Impact

Exploitation of this vulnerability could lead to warnings about freeing invalid DMA memory addresses, potentially causing instability or crashes in the system.

Added: Jul 10, 2025, 9:00 AM

Updated: Jul 10, 2025, 9:00 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel DMA Cleanup Vulnerability in sun8i-ce-cipher

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating