Description

In the Linux kernel, the following vulnerability has been resolved: virtio: packed: fix unmap leak for indirect desc table When use_dma_api and premapped are true, then the do_unmap is false. Because the do_unmap is false, vring_unmap_extra_packed is not called by detach_buf_packed. if (unlikely(vq->do_unmap)) { curr = id; for (i = 0; i < state->num; i++) { vring_unmap_extra_packed(vq, &vq->packed.desc_extra[curr]); curr = vq->packed.desc_extra[curr].next; } } So the indirect desc table is not unmapped. This causes the unmap leak. So here, we check vq->use_dma_api instead. Synchronously, dma info is updated based on use_dma_api judgment This bug does not occur, because no driver use the premapped with indirect.

INFO

Published Date :

2024-05-01T13:04:12.582Z

Last Modified :

2025-05-04T09:03:29.002Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-27066 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-27066.

URL Resource
https://git.kernel.org/stable/c/51bacd9d29bf98c3ebc65e4a0477bb86306b4140 cve-icon cve-icon
https://git.kernel.org/stable/c/75450ff8c6fe8755bf5b139b238eaf9739cfd64e cve-icon cve-icon
https://git.kernel.org/stable/c/d5c0ed17fea60cca9bc3bf1278b49ba79242bbcd cve-icon cve-icon
https://git.kernel.org/stable/c/e142169aca5546ae6619c39a575cda8105362100 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024050132-CVE-2024-27066-686a@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-27066 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-27066 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact