{"id":"AZL-50254","summary":"CVE-2024-44949 affecting package kernel for versions less than 5.15.176.3-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nparisc: fix a possible DMA corruption\n\nARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be\npossible that two unrelated 16-byte allocations share a cache line. If\none of these allocations is written using DMA and the other is written\nusing cached write, the value that was written with DMA may be\ncorrupted.\n\nThis commit changes ARCH_DMA_MINALIGN to be 128 on PA20 and 32 on PA1.1 -\nthat's the largest possible cache line size.\n\nAs different parisc microarchitectures have different cache line size, we\ndefine arch_slab_minalign(), cache_line_size() and\ndma_get_cache_alignment() so that the kernel may tune slab cache\nparameters dynamically, based on the detected cache line size.","modified":"2026-04-01T05:16:15.984481Z","published":"2024-09-04T19:15:30Z","upstream":["CVE-2024-44949"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-44949"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.176.3-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-50254.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}