CVE-2024-35843

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the I/O page fault handler in the Linux kernel, which currently locates the PCI device by calling pci get domain bus and slot(). This function searches the list of all PCI devices until the desired device is found. To improve lookup efficiency, it is replaced with device rbtree find() to search the device within the probed device rbtree. The I/O page fault is initiated by the device, which does not have any synchronization mechanism with the software to ensure that the device stays in the probed device tree. Theoretically, a device could be released by the IOMMU subsystem after device rbtree find() and before iopf get dev fault param(), which would cause a use-after-free problem. A mutex is added to synchronize the I/O page fault reporting path and the IOMMU release device path.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.