CVE-2021-47035
iommu/vt-d: Remove WO permissions on second-level paging entries
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove WO permissions on second-level paging entries When the first level page table is used for IOVA translation, it only
supports Read-Only and Read-Write permissions. The Write-Only permission
is not supported as the PRESENT bit (implying Read permission) should
always set. When using second level, we still give separate permissions
that allows WriteOnly which seems inconsistent and awkward. We want to
have consistent behavior. After moving to 1st level, we don't want things
to work sometimes, and break if we use 2nd level for the same mappings.
Hence remove this configuration.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: elimina los permisos WO en las entradas de paginación de segundo nivel. Cuando la tabla de páginas de primer nivel se utiliza para la traducción IOVA, solo admite permisos de solo lectura y lectura-escritura. . El permiso de sólo escritura no se admite ya que el bit PRESENTE (que implica permiso de lectura) siempre debe establecerse. Cuando usamos el segundo nivel, todavía otorgamos permisos separados que permiten WriteOnly, lo que parece inconsistente e incómodo. Queremos tener un comportamiento consistente. Después de pasar al primer nivel, no queremos que las cosas funcionen a veces y se rompan si usamos el segundo nivel para las mismas asignaciones. Por lo tanto, elimine esta configuración.
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove WO permissions on second-level paging entries When the first level page table is used for IOVA translation, it only supports Read-Only and Read-Write permissions. The Write-Only permission is not supported as the PRESENT bit (implying Read permission) should always set. When using second level, we still give separate permissions that allows WriteOnly which seems inconsistent and awkward. We want to have consistent behavior. After moving to 1st level, we don't want things to work sometimes, and break if we use 2nd level for the same mappings. Hence remove this configuration.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-27 CVE Reserved
- 2024-02-28 CVE Published
- 2024-02-29 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/b802d070a52a1565b47daaa808872cfbd4a17b01 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.10.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.10.37" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.10.38 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.10.38" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.11.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.11.21" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.12.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.12.4" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.13" | en |
Affected
| ||||||