Linux Kernel DMA Handling Vulnerability in EC_BHF Ethernet Driver

Vulnerability

A vulnerability has been identified in the Linux kernel's EC_BHF Ethernet driver, in the DMA buffer handling during error recovery. The 'dma_free_coherent()' call incorrectly uses the allocation length as the DMA handle, so the buffer is not unmapped properly. This flaw could cause memory management issues or data corruption. The vulnerability affects stable versions of the Linux kernel.

Impact

The vulnerability could lead to improper memory management, with potential data corruption or other memory-related issues.

Reproduction

The vulnerability can be reproduced by triggering an error condition in the EC_BHF Ethernet driver, which will activate the error recovery process. During this process, the 'dma_free_coherent()' function will be called with the wrong DMA handle, causing improper unmapping of the DMA buffer.
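The error-recovery flaw described above, modelled in userspace C as an added example (not the driver's or the kernel's own code). The mock_* functions copy only the argument order of the kernel DMA API; struct rx_buf, its field names and the bus address are assumptions. Because dma_addr_t and size_t are both integer types, the wrong call compiles without a diagnostic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

typedef uint64_t dma_addr_t;  /* plain integer, so a size_t converts silently */

/* Userspace model of one device's DMA mapping state (not kernel code). */
struct device { dma_addr_t live_handle; size_t live_len; int bad_unmaps; };

/* Mock with the argument order of dma_alloc_coherent(), gfp flags omitted. */
static void *mock_dma_alloc_coherent(struct device *dev, size_t size,
                                     dma_addr_t *dma_handle)
{
    void *cpu = malloc(size);
    if (!cpu)
        return NULL;
    dev->live_handle = *dma_handle = 0x80000000u;  /* constructed bus address */
    dev->live_len = size;
    return cpu;
}

/* Mock with the argument order of dma_free_coherent(dev, size, cpu, handle). */
static void mock_dma_free_coherent(struct device *dev, size_t size,
                                   void *cpu_addr, dma_addr_t dma_handle)
{
    if (dma_handle == dev->live_handle && size == dev->live_len)
        dev->live_handle = dev->live_len = 0;   /* mapping released */
    else
        dev->bad_unmaps++;                      /* handle was never mapped */
    free(cpu_addr);
}

struct rx_buf { void *alloc; dma_addr_t alloc_phys; size_t alloc_len; };  /* hypothetical */

/* Error-recovery path. Returns 1 if the mapping is still live afterwards. */
static int alloc_then_fail(struct device *dev, int fixed)
{
    struct rx_buf b = { .alloc_len = 4096 };
    b.alloc = mock_dma_alloc_coherent(dev, b.alloc_len, &b.alloc_phys);
    if (!b.alloc)
        return -1;
    if (fixed)   /* corrected: fourth argument is the DMA handle */
        mock_dma_free_coherent(dev, b.alloc_len, b.alloc, b.alloc_phys);
    else         /* flaw: allocation length passed as the handle; no warning */
        mock_dma_free_coherent(dev, b.alloc_len, b.alloc, b.alloc_len);
    return dev->live_handle != 0;
}

int main(void) { struct device d = {0}; return alloc_then_fail(&d, 1); }
```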

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the updated kernel can be found on the official Linux kernel website.

Added: May 6, 2026, 12:23 PM
Updated: May 6, 2026, 12:23 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 7.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.