Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-27079
HistoryMay 01, 2024 - 1:15 p.m.

CVE-2024-27079

2024-05-0113:15:51
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
1
linux kernel
vulnerability
cve-2024-27079
iommu
release device fix
null pointer dereference

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix NULL domain on device release

In the kdump kernel, the IOMMU operates in deferred_attach mode. In this
mode, info->domain may not yet be assigned by the time the release_device
function is called. It leads to the following crash in the crash kernel:

BUG: kernel NULL pointer dereference, address: 000000000000003c
...
RIP: 0010:do_raw_spin_lock+0xa/0xa0
...
_raw_spin_lock_irqsave+0x1b/0x30
intel_iommu_release_device+0x96/0x170
iommu_deinit_device+0x39/0xf0
__iommu_group_remove_device+0xa0/0xd0
iommu_bus_notifier+0x55/0xb0
notifier_call_chain+0x5a/0xd0
blocking_notifier_call_chain+0x41/0x60
bus_notify+0x34/0x50
device_del+0x269/0x3d0
pci_remove_bus_device+0x77/0x100
p2sb_bar+0xae/0x1d0
...
i801_probe+0x423/0x740

Use the release_domain mechanism to fix it. The scalable mode context
entry which is not part of release domain should be cleared in
release_device().

Related

vulnrichment 1
redhatcve 1
ubuntucve 1
debiancve 1
cve 1
cvelist 1
osv 4
openvas 4
ubuntu 4
nessus 4
vulnrichment
vulnrichment
CVE-2024-27079 iommu/vt-d: Fix NULL domain on device release
2024-05-01 13:04:58
redhatcve
redhatcve
CVE-2024-27079
2024-05-01 21:24:43
ubuntucve
ubuntucve
CVE-2024-27079
2024-05-01 00:00:00
debiancve
debiancve
CVE-2024-27079
2024-05-01 13:15:51
cve
cve
CVE-2024-27079
2024-05-01 13:15:51
cvelist
cvelist
CVE-2024-27079 iommu/vt-d: Fix NULL domain on device release
2024-05-01 13:04:58
osv
osv
linux-aws, linux-gcp vulnerabilities
2024-06-07 18:49:30
linux-azure, linux-gke vulnerabilities
2024-06-14 17:24:38
linux, linux-ibm, linux-lowlatency, linux-raspi vulnerabilities
2024-06-07 18:18:31
openvas
openvas
Ubuntu: Security Advisory (USN-6817-3)
2024-06-17 00:00:00
Ubuntu: Security Advisory (USN-6817-2)
2024-06-11 00:00:00
Ubuntu: Security Advisory (USN-6817-1)
2024-06-10 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (OEM) vulnerabilities
2024-06-11 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)
2024-06-07 00:00:00
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)
2024-06-10 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-3)
2024-06-14 00:00:00

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for NVD:CVE-2024-27079
vulnrichment1redhatcve1ubuntucve1debiancve1cve1cvelist1osv4openvas4ubuntu4nessus4