CVE-2024-56719: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56719 affects the Linux kernel's network stack, specifically the STMMAC Ethernet driver. The vulnerability was discovered and disclosed on December 29, 2024, and involves a DMA API usage issue in the TSO (TCP Segmentation Offload) functionality. The affected versions include Linux kernel 5.15.171 up to 5.16, 6.1.116 up to 6.2, 6.6.60 up to 6.6.68, 6.11.7 up to 6.12.7, and release candidates 6.13-rc1 and 6.13-rc2 (NVD).

The vulnerability stems from incorrect DMA cookie handling in the STMMAC driver's TSO implementation. A previous fix (commit 66600fac7a98) moved the assignment of tx_skbuff_dma[]'s members later in stmmac_tso_xmit(), but this caused issues when priv->dma_cap.addr64 > 32, as the 'des' value is offset by proto_hdr_len. The DMA API requires that the cookie passed to dma_unmap_single() matches the value returned from dma_map_single(). The vulnerability has a CVSS v3.1 base score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can cause system crashes and potential memory corruption. The issue manifests as DMA mapping failures with error messages such as 'Tx DMA map failed' and 'device driver tries to free DMA memory it has not allocated' when DMA_API_DEBUG is enabled (Kernel Patch).

The vulnerability has been patched in the Linux kernel. The fix maintains 'des' as the original DMA cookie and introduces 'tso_des' to pass the offset DMA cookie to stmmac_tso_allocator(). The patch has been tested and confirmed to resolve the issue (Kernel Patch).