An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1759768]
This was fixed for Fedora with the 5.3.8 stable kernel updates.
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):