5.5

CVE-2024-35804

EPSS 0.02%
Published 17.05.2024 14:15:13
Last modified 19.09.2025 15:58:56
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

KVM: x86: Mark target gfn of emulated atomic instruction as dirty

When emulating an atomic access on behalf of the guest, mark the target
gfn dirty if the CMPXCHG by KVM is attempted and doesn't fault.  This
fixes a bug where KVM effectively corrupts guest memory during live
migration by writing to guest memory without informing userspace that the
page is dirty.

Marking the page dirty got unintentionally dropped when KVM's emulated
CMPXCHG was converted to do a user access.  Before that, KVM explicitly
mapped the guest page into kernel memory, and marked the page dirty during
the unmap phase.

Mark the page dirty even if the CMPXCHG fails, as the old data is written
back on failure, i.e. the page is still written.  The value written is
guaranteed to be the same because the operation is atomic, but KVM's ABI
is that all writes are dirty logged regardless of the value written.  And
more importantly, that's what KVM did before the buggy commit.

Huge kudos to the folks on the Cc list (and many others), who did all the
actual work of triaging and debugging.

base-commit: 6769ea8da8a93ed4630f1ce64df6aafcaabfce64

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.15.58 < 5.15.154

Linux ≫ Linux Kernel Version >= 5.17.13 < 5.18

Linux ≫ Linux Kernel Version >= 5.18.2 < 6.1.84

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.24

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.12

Linux ≫ Linux Kernel Version6.8 Updaterc1

Linux ≫ Linux Kernel Version6.8 Updaterc2

Linux ≫ Linux Kernel Version6.8 Updaterc3

Linux ≫ Linux Kernel Version6.8 Updaterc4

Linux ≫ Linux Kernel Version6.8 Updaterc5

Linux ≫ Linux Kernel Version6.8 Updaterc6

Linux ≫ Linux Kernel Version6.8 Updaterc7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.034

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

https://git.kernel.org/stable/c/225d587a073584946c05c9b7651d637bd45c0c71

Patch

https://git.kernel.org/stable/c/726374dde5d608b15b9756bd52b6fc283fda7a06

Patch

https://git.kernel.org/stable/c/910c57dfa4d113aae6571c2a8b9ae8c430975902

Patch

https://git.kernel.org/stable/c/9d1b22e573a3789ed1f32033ee709106993ba551

Patch

https://git.kernel.org/stable/c/a9bd6bb6f02bf7132c1ab192ba62bbfa52df7d66

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-35804

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-35804

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-35804

EUVD