CVE-2024-35957

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the iommu/vt-d driver in the Linux kernel. A commit was made to use a rbtree to track iommu probed devices, which assumes each device has a unique source ID. However, this assumption is incorrect and not stated in the VT-d spec. The reason for using a rbtree is to look up devices with PCI bus and devfunc in the paths of handling ATS invalidation time out error and the PRI I/O page faults, both of which are PCI ATS feature related. To avoid unnecessary WARN ON in the iommu probe path, only devices with PCI ATS capabilities should be tracked in the rbtree. Otherwise, on some platforms, a kernel splat will be displayed, and the iommu probe will result in failure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.