CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check
First published: Mon Oct 21 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio() function checks if the #VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can deceive the kernel into performing MMIO on its behalf. For example, if userspace can point a syscall to an MMIO address, syscall does get_user() or put_user() on it, triggering MMIO #VE. The kernel will treat the #VE as in-kernel MMIO. Ensure that the target MMIO address is within the kernel before decoding instruction.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux kernel | >=5.19<6.1.113 | |
| Linux kernel | >=6.2<6.6.54 | |
| Linux kernel | >=6.7<6.10.13 | |
| Linux kernel | >=6.11<6.11.2 | |
| Linux Kernel | >=5.19<6.1.113 | |
| Linux Kernel | >=6.2<6.6.54 | |
| Linux Kernel | >=6.7<6.10.13 | |
| Linux Kernel | >=6.11<6.11.2 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 | |
| debian/linux-6.1 | 6.1.129-1~deb11u1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/25703a3c980e21548774eea8c8a87a75c5c8f58c
- https://git.kernel.org/stable/c/4c0c5dcb5471de5fc8f0a1c4980e5815339e1cee
- https://git.kernel.org/stable/c/18ecd5b74682839e7cdafb7cd1ec106df7baa18c
- https://git.kernel.org/stable/c/bca2e29f7e26ce7c3522f8b324c0bd85612f68e3
- https://git.kernel.org/stable/c/d4fc4d01471528da8a9797a065982e05090e1d81
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47727
- https://nvd.nist.gov/vuln/detail/CVE-2024-47727
- https://launchpad.net/bugs/cve/CVE-2024-47727
- https://security-tracker.debian.org/tracker/CVE-2024-47727
- https://ubuntu.com/security/CVE-2024-47727
- https://git.kernel.org/linus/d4fc4d01471528da8a9797a065982e05090e1d81
Frequently Asked Questions
What is the severity of CVE-2024-47727?
CVE-2024-47727 is classified as a high severity vulnerability that affects the Linux kernel.
How do I fix CVE-2024-47727?
To mitigate CVE-2024-47727, users should update to the latest stable version of the Linux kernel that includes the fix.
Who is affected by CVE-2024-47727?
CVE-2024-47727 affects users running specific versions of the Linux kernel between 5.19 and 6.11.
What are the potential impacts of CVE-2024-47727?
Exploitation of CVE-2024-47727 could lead to unauthorized access and control over system resources in kernel-initiated MMIO operations.
When was CVE-2024-47727 discovered?
CVE-2024-47727 was identified and documented as a vulnerability in the Linux kernel prior to its resolution in recent updates.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- agent/remedy
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/launchpad-cve
- source/Launchpad
- agent/source
- agent/references
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-cve
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- collector/security-tracker-debian
- source/Debian
- agent/description
- vendor/linux
- canonical/linux kernel
- version/linux kernel/5.19
- version/linux kernel/6.2
- version/linux kernel/6.7
- version/linux kernel/6.11
- package-manager/debian