CVE-2024-35939

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the dma-direct feature in the Linux kernel, where an untrusted host on TDX can cause set memory encrypted() or set memory decrypted() to fail, resulting in shared memory. Callers must handle these errors to avoid returning decrypted memory to the page allocator, which could lead to functional or security issues. DMA could free decrypted/shared pages if dma set decrypted() fails, and in this rare case, the pages should be leaked instead of freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALSA-2024:8856

ALSA-2024:8870

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

AZL-67752

BDU:2025-13357

CESA-2024_8856

CESA-2024_8870

CVE-2024-35939

INFSA-2024_8856

INFSA-2024_8870

INFSA-2024_9315

OESA-2024-1693

OESA-2024-1694

RHSA-2024:8856

RHSA-2024:8870

RHSA-2024:9315

RHSA-2024_8856

RHSA-2024_8870

RHSA-2024_9315

RHSA-2025:4342

RLSA-2024:8856

RLSA-2024:8870

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3383-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

USN-6893-1

USN-6893-2

USN-6893-3

USN-6918-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2024-35939

Weakness Enumeration

Related Identifiers

Affected Products

References · 2472