Executive Summary

Informations
Name CVE-2024-56668 First vendor Publication 2024-12-27
Vendor Cve Last vendor Modification 2025-01-06

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix qi_batch NULL pointer with nested parent domain

The qi_batch is allocated when assigning cache tag for a domain. While for nested parent domain, it is missed. Hence, when trying to map pages to the nested parent, NULL dereference occurred. Also, there is potential memleak since there is no lock around domain->qi_batch allocation.

To solve it, add a helper for qi_batch allocation, and call it in both the __cache_tag_assign_domain() and __cache_tag_assign_parent_domain().

BUG: kernel NULL pointer dereference, address: 0000000000000200
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 8104795067 P4D 0
Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
CPU: 223 UID: 0 PID: 4357 Comm: qemu-system-x86 Not tainted 6.13.0-rc1-00028-g4b50c3c3b998-dirty #2632
Call Trace:
? __die+0x24/0x70
? page_fault_oops+0x80/0x150
? do_user_addr_fault+0x63/0x7b0
? exc_page_fault+0x7c/0x220
? asm_exc_page_fault+0x26/0x30
? cache_tag_flush_range_np+0x13c/0x260
intel_iommu_iotlb_sync_map+0x1a/0x30
iommu_map+0x61/0xf0
batch_to_domain+0x188/0x250
iopt_area_fill_domains+0x125/0x320
? rcu_is_watching+0x11/0x50
iopt_map_pages+0x63/0x100
iopt_map_common.isra.0+0xa7/0x190
iopt_map_user_pages+0x6a/0x80
iommufd_ioas_map+0xcd/0x1d0
iommufd_fops_ioctl+0x118/0x1c0
__x64_sys_ioctl+0x93/0xc0
do_syscall_64+0x71/0x140
entry_SYSCALL_64_after_hwframe+0x76/0x7e

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56668

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-476 NULL Pointer Dereference
50 % CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory Leak')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3703

Sources (Detail)

https://git.kernel.org/stable/c/74536f91962d5f6af0a42414773ce61e653c10ee
https://git.kernel.org/stable/c/ffd774c34774fd4cc0e9cf2976595623a6c3a077
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Date Informations
2025-07-15 02:41:15
  • Multiple Updates
2025-07-14 12:38:33
  • Multiple Updates
2025-06-26 02:38:30
  • Multiple Updates
2025-06-25 12:36:34
  • Multiple Updates
2025-06-24 02:43:08
  • Multiple Updates
2025-05-27 02:48:33
  • Multiple Updates
2025-03-29 03:44:27
  • Multiple Updates
2025-03-28 13:47:42
  • Multiple Updates
2025-03-28 03:22:15
  • Multiple Updates
2025-03-19 03:17:05
  • Multiple Updates
2025-03-18 03:30:04
  • Multiple Updates
2025-03-14 03:17:11
  • Multiple Updates
2025-03-06 14:13:44
  • Multiple Updates
2025-02-22 03:27:16
  • Multiple Updates
2025-01-08 00:20:54
  • Multiple Updates
2025-01-07 03:08:09
  • Multiple Updates
2025-01-07 00:20:37
  • Multiple Updates
2025-01-06 21:20:46
  • Multiple Updates
2024-12-27 21:20:28
  • First insertion