CVE-2024-40989

Summary

In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Disassociate vcpus from redistributor region on teardown

When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe5a35635464bc5304674b84ea42615a3fd0bd949 < 68df4fc449fcc24347209e500ce26d5816705a77affected
LinuxLinuxe5a35635464bc5304674b84ea42615a3fd0bd949 < 48bb62859d47c5c4197a8c01128d0fa4f46ee58caffected
LinuxLinuxe5a35635464bc5304674b84ea42615a3fd0bd949 < 152b4123f21e6aff31cea01158176ad96a999c76affected
LinuxLinuxe5a35635464bc5304674b84ea42615a3fd0bd949 < 0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux6.1.96 <= 6.1.*unaffected
LinuxLinux6.6.36 <= 6.6.*unaffected
LinuxLinux6.9.7 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References