Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-cve / . / cve / published / 2024 / CVE-2024-40945.json
blob: dde1a3debcbe52fd8c074ece9be80a581073fded [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Return right value in iommu_sva_bind_device()\n\niommu_sva_bind_device() should return either a sva bond handle or an\nERR_PTR value in error cases. Existing drivers (idxd and uacce) only\ncheck the return value with IS_ERR(). This could potentially lead to\na kernel NULL pointer dereference issue if the function returns NULL\ninstead of an error pointer.\n\nIn reality, this doesn't cause any problems because iommu_sva_bind_device()\nonly returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA.\nIn this case, iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) will\nreturn an error, and the device drivers won't call iommu_sva_bind_device()\nat all."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"include/linux/iommu.h"
],
"versions": [
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "700f564758882db7c039dfba9443fe762561a3f8",
"status": "affected",
"versionType": "git"
},
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "cf34f8f66982a36e5cba0d05781b21ec9606b91e",
"status": "affected",
"versionType": "git"
},
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "2973b8e7d127754de9013177c41c0b5547406998",
"status": "affected",
"versionType": "git"
},
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "6325eab6c108fed27f60ff51852e3eac0ba23f3f",
"status": "affected",
"versionType": "git"
},
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "7388ae6f26c0ba95f70cc96bf9c5d5cb06c908b6",
"status": "affected",
"versionType": "git"
},
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "61a96da9649a6b6a1a5d5bde9374b045fdb5c12e",
"status": "affected",
"versionType": "git"
},
{
"version": "26b25a2b98e45aeb40eedcedc586ad5034cbd984",
"lessThan": "89e8a2366e3bce584b6c01549d5019c5cda1205e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"include/linux/iommu.h"
],
"versions": [
{
"version": "5.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.279",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.221",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.162",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.129",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.35",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.9.6",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "5.4.279"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "5.10.221"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "5.15.162"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "6.1.129"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "6.6.35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "6.9.6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "6.10"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/700f564758882db7c039dfba9443fe762561a3f8"
},
{
"url": "https://git.kernel.org/stable/c/cf34f8f66982a36e5cba0d05781b21ec9606b91e"
},
{
"url": "https://git.kernel.org/stable/c/2973b8e7d127754de9013177c41c0b5547406998"
},
{
"url": "https://git.kernel.org/stable/c/6325eab6c108fed27f60ff51852e3eac0ba23f3f"
},
{
"url": "https://git.kernel.org/stable/c/7388ae6f26c0ba95f70cc96bf9c5d5cb06c908b6"
},
{
"url": "https://git.kernel.org/stable/c/61a96da9649a6b6a1a5d5bde9374b045fdb5c12e"
},
{
"url": "https://git.kernel.org/stable/c/89e8a2366e3bce584b6c01549d5019c5cda1205e"
}
],
"title": "iommu: Return right value in iommu_sva_bind_device()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2024-40945",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}