CVE-2024-50101

iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices

Previously, the domain_context_clear() function incorrectly called
pci_for_each_dma_alias() to set up context entries for non-PCI devices.
This could lead to kernel hangs or other unexpected behavior.

Add a check to only call pci_for_each_dma_alias() for PCI devices. For
non-PCI devices, domain_context_clear_one() is called directly.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: Se corrige pci_for_each_dma_alias() incorrecto para dispositivos que no sean PCI Anteriormente, la función domain_context_clear() llamaba incorrectamente a pci_for_each_dma_alias() para configurar entradas de contexto para dispositivos que no sean PCI. Esto podría provocar bloqueos del kernel u otro comportamiento inesperado. Agregue una verificación para llamar solo a pci_for_each_dma_alias() para dispositivos PCI. Para dispositivos que no sean PCI, se llama a domain_context_clear_one() directamente.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-10-21 CVE Reserved
2024-11-05 CVE Published
2024-11-05 CVE Updated
2024-11-06 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/9807860f6ad446459d0446550cf4a2dc23bbee6c	Vuln. Introduced
https://git.kernel.org/stable/c/59862b869275c27beb25cda2054b59a8b5d04970	Vuln. Introduced
https://git.kernel.org/stable/c/48f2183a4f9d3540fc5cfc8f8451621ee92c09f8	Vuln. Introduced
https://git.kernel.org/stable/c/9a16ab9d640274b20813d2d17475e18d3e99d834	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/0bd9a30c22afb5da203386b811ec31429d2caa78	2024-10-22
https://git.kernel.org/stable/c/cbfa3a83eba05240ce37839ed48280a05e8e8f6c	2024-10-22
https://git.kernel.org/stable/c/fe2e0b6cd00abea3efac66de1da22d844364c1b0	2024-10-22
https://git.kernel.org/stable/c/04d6826ba7ba81213422276e96c90c6565169e1c	2024-10-22
https://git.kernel.org/stable/c/6e02a277f1db24fa039e23783c8921c7b0e5b1b3	2024-10-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.142 < 5.15.169 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.142 < 5.15.169"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.66 < 6.1.114 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.66 < 6.1.114"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.5 < 6.6.58 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.5 < 6.6.58"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.11.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.11.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.12-rc4 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.12-rc4"		en		Affected