
Huang Ying

Researcher from Intel
#45782 of 53,634
5.5 Total CVSS
Vulnerabilities · 1
PT-2024-33721
5.5
2024-09-06
Linux · Linux Kernel · CVE-2024-49878
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58

Description: The issue arises from the `region_intersects()` function being confused by the resource tree structure when "System RAM" is a descendant of "CXL Window X" instead of a top-level resource. This can lead to incorrect permission checking, potentially allowing unauthorized access to system RAM via `/dev/mem`. The error code returned when attempting to write to a CXL memory range via `/dev/mem` is incorrect, and a warning is reported in the kernel log for calling `ioremap()` on system RAM.

Recommendations: To resolve the issue, update to Linux kernel version 6.6.58 or later. As a temporary workaround, consider restricting access to the `/dev/mem` interface to minimize the risk of exploitation. Additionally, be cautious when using the `dd` command to write to memory ranges, as it may bypass permission checks under certain conditions.