漏洞详情: CVE-2024-35939

漏洞标题
dma-direct: Leak pages on dma_set_decrypted() failure
来源:NVD
Linux kernel 安全漏洞
来源:CNNVD
漏洞描述
In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues. DMA could free decrypted/shared pages if dma_set_decrypted() fails. This should be a rare case. Just leak the pages in this case instead of freeing them.
来源:NVD
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于dma_set_decrypted函数失败时会泄漏页面。
来源:CNNVD
None
来源:神龙机器人
漏洞评分(CVSS)
NVD 暂无评分
来源:NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
来源:神龙机器人, 准确率:N/A
漏洞类别
NVD 暂无漏洞类别信息
来源:NVD
其他
来源:CNNVD
相关链接