Linux Kernel DMA Engine EDMA Memory Allocation Vulnerability on ARM Platforms

A memory allocation vulnerability has been identified in the Linux kernel's DMA engine EDMA driver, specifically on ARM platforms such as the BeagleBoard-X15. The issue arises because the queue_priority_map was allocated with insufficient memory, leading to out-of-bounds writes. This memory corruption caused kernel crashes by triggering hardening features on Clang. The vulnerability has been addressed by correcting the allocation size to properly accommodate the 2D array structure.

Impact

Exploitation of this vulnerability leads to out-of-bounds memory writes, causing memory corruption that triggers kernel hardening features, resulting in a crash with an 'undefined instruction' error.

Reproduction

The vulnerability can be reproduced by probing the EDMA driver on an affected ARM platform, such as the BeagleBoard-X15. During the probe, the driver attempts to set up the queue_priority_map, which is improperly allocated. The out-of-bounds writes occur when the driver accesses the queue_priority_map to assign priority values, leading to memory corruption and a kernel crash.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version where this issue has been addressed.