CVE-2024-50101

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices

Previously, the domain_context_clear() function incorrectly called pci_for_each_dma_alias() to set up context entries for non-PCI devices. This could lead to kernel hangs or other unexpected behavior.

Add a check to only call pci_for_each_dma_alias() for PCI devices. For non-PCI devices, domain_context_clear_one() is called directly.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9807860f6ad446459d0446550cf4a2dc23bbee6c < 0bd9a30c22afb5da203386b811ec31429d2caa78affected
LinuxLinux59862b869275c27beb25cda2054b59a8b5d04970 < cbfa3a83eba05240ce37839ed48280a05e8e8f6caffected
LinuxLinux48f2183a4f9d3540fc5cfc8f8451621ee92c09f8 < fe2e0b6cd00abea3efac66de1da22d844364c1b0affected
LinuxLinux9a16ab9d640274b20813d2d17475e18d3e99d834 < 04d6826ba7ba81213422276e96c90c6565169e1caffected
LinuxLinux9a16ab9d640274b20813d2d17475e18d3e99d834 < 6e02a277f1db24fa039e23783c8921c7b0e5b1b3affected
LinuxLinux5.15.142 < 5.15.169affected
LinuxLinux6.1.66 < 6.1.114affected
LinuxLinux6.6.5 < 6.6.58affected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux5.15.169 <= 5.15.*unaffected
LinuxLinux6.1.114 <= 6.1.*unaffected
LinuxLinux6.6.58 <= 6.6.*unaffected
LinuxLinux6.11.5 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References