PT-2024-21123 · Linux+10 · Linux Kernel+10

Andrin Bertschi

+4

·

Published

2024-02-11

·

Updated

2025-10-13

·

CVE-2024-25744

CVSS v3.1

8.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.7
Description An untrusted VMM can trigger int80 syscall handling at any given point in the Linux kernel. This issue is related to the files arch/x86/coco/tdx/tdx.c and arch/x86/mm/mem encrypt amd.c, specifically affecting 32-bit emulation for TDX and SEV. The vulnerability opens the guest OS to manipulation from the VMM side.
Recommendations For Linux kernel versions prior to 6.6.7, update to version 6.6.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the int80 syscall handling mechanism until a patch is available. Additionally, restricting the use of 32-bit emulation for TDX and SEV may help minimize the risk of exploitation.

Fix

DoS

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-693

Related Identifiers

ALSA-2024:2394
ALSA-2024:3618
ALSA-2024:3627
ALT-PU-2024-14046
AZL-48786
BDU:2025-12936
CESA-2024_3618
CESA-2024_3627
CVE-2024-25744
INFSA-2024_2394
INFSA-2024_3618
INFSA-2024_3627
OPENSUSE-SU-2024_0858-1
RHSA-2024:2394
RHSA-2024:2621
RHSA-2024:2845
RHSA-2024:2846
RHSA-2024:3618
RHSA-2024:3627
RHSA-2024_2394
RHSA-2024_3618
RHSA-2024_3627
RLSA-2024:3618
RLSA-2024:3627
SUSE-SU-2024:0855-1
SUSE-SU-2024:0858-1
SUSE-SU-2024:0910-1
USN-6680-1
USN-6680-2
USN-6680-3
USN-6926-1
USN-6926-2
USN-6926-3
USN-7100-1
USN-7100-2
USN-7123-1
USN-7144-1
USN-7194-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu