| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024110526-CVE-2024-50101-d1bb@gregkh> Date: Tue, 5 Nov 2024 18:07:30 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-50101: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices Description =========== In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices Previously, the domain_context_clear() function incorrectly called pci_for_each_dma_alias() to set up context entries for non-PCI devices. This could lead to kernel hangs or other unexpected behavior. Add a check to only call pci_for_each_dma_alias() for PCI devices. For non-PCI devices, domain_context_clear_one() is called directly. The Linux kernel CVE team has assigned CVE-2024-50101 to this issue. Affected and fixed versions =========================== Issue introduced in 5.15.142 with commit 9807860f6ad4 and fixed in 5.15.169 with commit 0bd9a30c22af Issue introduced in 6.1.66 with commit 59862b869275 and fixed in 6.1.114 with commit cbfa3a83eba0 Issue introduced in 6.6.5 with commit 48f2183a4f9d and fixed in 6.6.58 with commit fe2e0b6cd00a Issue introduced in 6.7 with commit 9a16ab9d6402 and fixed in 6.11.5 with commit 04d6826ba7ba Issue introduced in 6.7 with commit 9a16ab9d6402 and fixed in 6.12-rc4 with commit 6e02a277f1db Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-50101 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/iommu/intel/iommu.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/0bd9a30c22afb5da203386b811ec31429d2caa78 https://git.kernel.org/stable/c/cbfa3a83eba05240ce37839ed48280a05e8e8f6c https://git.kernel.org/stable/c/fe2e0b6cd00abea3efac66de1da22d844364c1b0 https://git.kernel.org/stable/c/04d6826ba7ba81213422276e96c90c6565169e1c https://git.kernel.org/stable/c/6e02a277f1db24fa039e23783c8921c7b0e5b1b3
Powered by blists - more mailing lists