CVE-2024-35791

In the Linux kernel, the following vulnerability has been resolved:

KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region()

Do the cache flush of converted pages in svm_register_enc_region() before
dropping kvm->lock to fix use-after-free issues where region and/or its
array of pages could be freed by a different task, e.g. if userspace has
__unregister_enc_region_locked() already queued up for the region.

Note, the "obvious" alternative of using local variables doesn't fully
resolve the bug, as region->pages is also dynamically allocated.  I.e. the
region structure itself would be fine, but region->pages could be freed.

Flushing multiple pages under kvm->lock is unfortunate, but the entire
flow is a rare slow path, and the manual flush is only needed on CPUs that
lack coherency for encrypted memory.

Data provided by the CVE Program via a CVE Numbering Authority (CNA) (unstructured).
Vendor:         Linux
Product:        Linux
Default status: unaffected (ranges given as git commit ids; "up to" bound is exclusive)

Status      From (commit)                               Up to, excluding (commit)
affected    4f627ecde7329e476a077bb0590db8f27bb8f912    2d13b79640b147bd77c34a5998533b2021a4122d
affected    19a23da53932bc8011220bd8c410cb76012de004    e126b508ed2e616d679d85fca2fbe77bb48bbdd7
affected    19a23da53932bc8011220bd8c410cb76012de004    4868c0ecdb6cfde7c70cf478c46e06bb9c7e5865
affected    19a23da53932bc8011220bd8c410cb76012de004    12f8e32a5a389a5d58afc67728c76e61beee1ad4
affected    19a23da53932bc8011220bd8c410cb76012de004    f6d53d8a2617dd58c89171a6b9610c470ebda38a
affected    19a23da53932bc8011220bd8c410cb76012de004    5ef1d8c1ddbf696e47b226e11888eaf8d9e8e807
affected    f1ecde00ce1694597f923f0d25f7a797c5243d99    -
affected    848bcb0a1d96f67d075465667d3a1ad4af56311e    -

Vendor:         Linux
Product:        Linux
Default status: affected (ranges given as kernel versions)

Status        From        Up to
affected      5.11        -
unaffected    0           < 5.11
unaffected    5.10.215    <= 5.10.*
unaffected    5.15.154    <= 5.15.*
unaffected    6.1.84      <= 6.1.*
unaffected    6.6.24      <= 6.6.*
unaffected    6.7.12      <= 6.7.*
unaffected    6.8         <= *
No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics
Type    Source      Score    Percentile
EPSS    FIRST.org   0.05%    0.161

CVSS metrics
Source    Base Score    Exploit Score    Impact Score    Vector String