Ubuntu.com UB:CVE-2024-35801
May 17, 2024 - 12:00 a.m.

CVE-2024-35801

linux
kernel
vulnerability
x86
msr_ia32_xfd
cpu hotplug
xrstor
#nm
security

AI Score: 6.5 Medium (Confidence: High)

EPSS: 0.0004 Low (Percentile: 15.5%)

In the Linux kernel, the following vulnerability has been resolved:

x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD

Commit 672365477ae8 (“x86/fpu: Update XFD state where required”) and commit 8bf26758ca96 (“x86/fpu: Add XFD state to fpstate”) introduced a per CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in order to avoid unnecessary writes to the MSR.

On CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which wipes out any stale state. But the per CPU cached xfd value is not reset, which brings them out of sync.

As a consequence a subsequent xfd_update_state() might fail to update the MSR which in turn can result in XRSTOR raising a #NM in kernel space, which crashes the kernel.

To fix this, introduce xfd_set_state() to write xfd_state together with MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD.
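
The desync described above, modelled in user space as an added example (not the kernel's code or the patch itself). The variables standing in for the MSR and the per-CPU cache, the `cpu_online_*` hooks and the XFD values are assumptions made for illustration; only `xfd_state`, `xfd_update_state()` and `xfd_set_state()` are names taken from the advisory.

```c
#include <stdint.h>
#include <stdio.h>

/* User-space model of one CPU; plain variables stand in for kernel state. */
static uint64_t msr_ia32_xfd;             /* models the hardware MSR_IA32_XFD */
static uint64_t xfd_state;                /* models the per-CPU cached copy */
static const uint64_t init_xfd = 0x40000; /* constructed init_fpstate.xfd value */

/* Write-avoidance path: the MSR is written only if the cache disagrees. */
static void xfd_update_state(uint64_t xfd)
{
    if (xfd_state != xfd) {
        msr_ia32_xfd = xfd;
        xfd_state = xfd;
    }
}

/* Helper named in the fix: MSR and cache are always written together. */
static void xfd_set_state(uint64_t xfd)
{
    msr_ia32_xfd = xfd;
    xfd_state = xfd;
}

/* Hypothetical hotplug hooks: before the fix only the MSR is reset. */
static void cpu_online_buggy(void) { msr_ia32_xfd = init_xfd; }
static void cpu_online_fixed(void) { xfd_set_state(init_xfd); }

/* Returns 1 if the MSR holds the task's XFD value after a hotplug cycle. */
static int msr_in_sync_after_hotplug(void (*cpu_online)(void))
{
    const uint64_t task_xfd = 0;  /* constructed: value this task wants in the MSR */
    xfd_set_state(init_xfd);      /* boot: MSR and cache agree */
    xfd_update_state(task_xfd);   /* task runs: MSR = 0, cache = 0 */
    cpu_online();                 /* CPU is offlined and brought back */
    xfd_update_state(task_xfd);   /* task runs again on this CPU */
    return msr_ia32_xfd == task_xfd;
}

int main(void)
{
    printf("buggy hotplug path: MSR in sync = %d\n",
           msr_in_sync_after_hotplug(cpu_online_buggy));
    printf("fixed hotplug path: MSR in sync = %d\n",
           msr_in_sync_after_hotplug(cpu_online_fixed));
    return 0;
}
```

In the buggy path the second `xfd_update_state()` sees a cache that already matches and skips the write, so the MSR keeps the reset value, which is the state the advisory ties to XRSTOR raising #NM.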
