We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)
Ok

THREATINT
PUBLISHED

CVE-2024-27079

iommu/vt-d: Fix NULL domain on device release

Reserved:2024-02-19
Published:2024-05-01
Updated:2024-05-13

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In this mode, info->domain may not yet be assigned by the time the release_device function is called. It leads to the following crash in the crash kernel: BUG: kernel NULL pointer dereference, address: 000000000000003c ... RIP: 0010:do_raw_spin_lock+0xa/0xa0 ... _raw_spin_lock_irqsave+0x1b/0x30 intel_iommu_release_device+0x96/0x170 iommu_deinit_device+0x39/0xf0 __iommu_group_remove_device+0xa0/0xd0 iommu_bus_notifier+0x55/0xb0 notifier_call_chain+0x5a/0xd0 blocking_notifier_call_chain+0x41/0x60 bus_notify+0x34/0x50 device_del+0x269/0x3d0 pci_remove_bus_device+0x77/0x100 p2sb_bar+0xae/0x1d0 ... i801_probe+0x423/0x740 Use the release_domain mechanism to fix it. The scalable mode context entry which is not part of release domain should be cleared in release_device().

Product status

Default status
unaffected

586081d3f6b1 before 333fe8696848
affected

586081d3f6b1 before 81e921fd3216
affected

Default status
affected

5.18
affected

Any version before 5.18
unaffected

6.8.2
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/333fe86968482ca701c609af590003bcea450e8f

https://git.kernel.org/stable/c/81e921fd321614c2ad8ac333b041aae1da7a1c6d

cve.org CVE-2024-27079

nvd.nist.gov CVE-2024-27079

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-27079