CVE-2024-46707

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest hasn't been configured with GICv3 and that the host is not capable of GICv2 emulation, a write to any of the ICC_*SGI*_EL1 registers is trapped to EL2. We therefore try to emulate the SGI access, only to hit a NULL pointer as no private interrupt is allocated (no GIC, remember?). The obvious fix is to give the guest what it deserves, in the shape of a UNDEF exception.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*

History

19 Sep 2024, 13:29

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/15818af2f7aa55eff375333cb7689df15d3f24ef - () https://git.kernel.org/stable/c/15818af2f7aa55eff375333cb7689df15d3f24ef - Patch
References () https://git.kernel.org/stable/c/2073132f6ed3079369e857a8deb33d11bdd983bc - () https://git.kernel.org/stable/c/2073132f6ed3079369e857a8deb33d11bdd983bc - Patch
References () https://git.kernel.org/stable/c/3e6245ebe7ef341639e9a7e402b3ade8ad45a19f - () https://git.kernel.org/stable/c/3e6245ebe7ef341639e9a7e402b3ade8ad45a19f - Patch
References () https://git.kernel.org/stable/c/94d4fbad01b19ec5eab3d6b50aaec4f9db8b2d8d - () https://git.kernel.org/stable/c/94d4fbad01b19ec5eab3d6b50aaec4f9db8b2d8d - Patch
References () https://git.kernel.org/stable/c/96b076e8ee5bc3a1126848c8add0f74bd30dc9d1 - () https://git.kernel.org/stable/c/96b076e8ee5bc3a1126848c8add0f74bd30dc9d1 - Patch
References () https://git.kernel.org/stable/c/9d7629bec5c3f80bd0e3bf8103c06a2f7046bd92 - () https://git.kernel.org/stable/c/9d7629bec5c3f80bd0e3bf8103c06a2f7046bd92 - Patch
First Time Linux linux Kernel
Linux
CWE CWE-476
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*

13 Sep 2024, 14:06

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: KVM: arm64: Hacer que ICC_*SGI*_EL1 no esté definido en ausencia de un vGICv3 En un sistema con un GICv3, si un invitado no se ha configurado con GICv3 y el host no es capaz de emular GICv2, una escritura en cualquiera de los registros ICC_*SGI*_EL1 se atrapa en EL2. Por lo tanto, intentamos emular el acceso a SGI, solo para encontrar un puntero NULL ya que no se asigna ninguna interrupción privada (no hay GIC, ¿recuerdas?). La solución obvia es darle al invitado lo que se merece, en forma de una excepción UNDEF.

13 Sep 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-13 07:15

Updated : 2024-09-19 13:29


NVD link : CVE-2024-46707

Mitre link : CVE-2024-46707

CVE.ORG link : CVE-2024-46707


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference