Vulnerability Details : CVE-2024-26598
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache
There is a potential UAF scenario in the case of an LPI translation
cache hit racing with an operation that invalidates the cache, such
as a DISCARD ITS command. The root of the problem is that
vgic_its_check_cache() does not elevate the refcount on the vgic_irq
before dropping the lock that serializes refcount changes.
Have vgic_its_check_cache() raise the refcount on the returned vgic_irq
and add the corresponding decrement after queueing the interrupt.
Products affected by CVE-2024-26598
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2024-26598
0.01%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 1 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-26598
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-08-07 |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-04-17 |
CWE ids for CVE-2024-26598
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2024-26598
-
https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
[SECURITY] [DLA 3841-1] linux-5.10 security updateMailing List;Third Party Advisory
-
https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
-
https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6
KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - kernel/git/stable/linux.git - Linux kernel stable treePatch
Jump to