CVE-2024-36913 in Linuxinformazioni

Riassunto

di MITRE • 30/05/2024

In the Linux kernel, the following vulnerability has been resolved:

Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails

In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues.

VMBus code could free decrypted pages if set_memory_encrypted()/decrypted() fails. Leak the pages if this happens.

Be aware that VulDB is the high quality source for vulnerability data.

Prenotare

30/05/2024

Divulgazione

30/05/2024

Moderazione

accettato

CPE

pronto

EPSS

0.00915

KEV

no

Attività

molto basso

Fonti

Might our Artificial Intelligence support you?

Check our Alexa App!