CVE-2024-36911
hv_netvsc: Don't free decrypted memory
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
hv_netvsc: Don't free decrypted memory
In CoCo VMs it is possible for the untrusted host to cause
set_memory_encrypted() or set_memory_decrypted() to fail such that an
error is returned and the resulting memory is shared. Callers need to
take care to handle these errors to avoid returning decrypted (shared)
memory to the page allocator, which could lead to functional or security
issues.
The netvsc driver could free decrypted/shared pages if
set_memory_decrypted() fails. Check the decrypted field in the gpadl
to decide whether to free the memory.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: hv_netvsc: no liberar memoria descifrada. En las máquinas virtuales CoCo, es posible que el host que no es de confianza provoque que set_memory_encrypted() o set_memory_decrypted() falle, de modo que se devuelva un error y el resultado La memoria es compartida. Las personas que llaman deben tener cuidado al manejar estos errores para evitar devolver memoria descifrada (compartida) al asignador de páginas, lo que podría provocar problemas funcionales o de seguridad. El controlador netvsc podría liberar páginas descifradas/compartidas si falla set_memory_decrypted(). Verifique el campo descifrado en gpadl para decidir si desea liberar la memoria.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-30 CVE Reserved
- 2024-05-30 CVE Published
- 2024-05-31 EPSS Updated
- 2024-11-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.6.31 Search vendor "Linux" for product "Linux Kernel" and version " < 6.6.31" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.8.10 Search vendor "Linux" for product "Linux Kernel" and version " < 6.8.10" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " < 6.9" | en |
Affected
|