PT-2024-31317 · Linux+5 · Linux Kernel+5
Yangge · Published 2024-07-06 · Updated 2025-09-29
CVE-2024-44943
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.50
Description
A kernel warning was reported when pinning a folio in CMA memory while launching an SEV virtual machine. The issue occurs due to the misuse of try_grab_folio() in both the fast and slow paths, leading to an improper reference count. The try_grab_folio() function is supposed to be used in the fast path, where it elevates the folio refcount by using add ref unless zero. However, in the slow path there is at least one stable reference, so a simple atomic add could be used. The performance difference is trivial, but the misuse may be confusing and misleading.
The vulnerability is resolved by redefining try_grab_folio() to try_grab_folio_fast() and try_grab_page() to try_grab_folio(), and using them in the proper paths. This solves both the abuse and the kernel warning. The proper naming makes their use cases clearer and should prevent abuse in the future.
Recommendations
To resolve the issue, update the Linux kernel to version 6.6.50 or later. This update fixes the vulnerability by properly using try_grab_folio_fast() and try_grab_folio() in their respective paths, preventing the kernel warning and potential misuse.
Exploit
Fix
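The two ways of taking a reference that the description contrasts, shown as an added example: this is a simplified user-space model using C11 atomics, not the kernel's code or the actual patch. struct obj and the ref_*/demo_* names are hypothetical, and the sample counts are constructed.

```c
/* User-space model (C11 atomics), not kernel code; all names hypothetical. */
#include <stdatomic.h>
#include <stdbool.h>

struct obj { atomic_int refcount; };   /* 0 means "being freed" */

/* Fast-path style: caller holds no reference, so the count may already be
 * 0. Take refs only while it is non-zero (add-unless-zero via CAS loop). */
static bool ref_add_unless_zero(struct obj *o, int refs)
{
    int old = atomic_load(&o->refcount);
    while (old != 0) {  /* a failed CAS reloads 'old' with the current value */
        if (atomic_compare_exchange_weak(&o->refcount, &old, old + refs))
            return true;
    }
    return false;       /* count reached 0: object is going away */
}

/* Slow-path style: caller already holds a stable reference, so a plain
 * atomic add suffices. The <= 0 test only flags caller bugs. */
static bool ref_add_stable(struct obj *o, int refs)
{
    if (atomic_load(&o->refcount) <= 0)
        return false;
    atomic_fetch_add(&o->refcount, refs);
    return true;
}

/* Constructed scenario: one grab per path on a live object. */
static int demo_live_object(void)
{
    struct obj o;
    atomic_init(&o.refcount, 1);       /* one stable reference exists */
    ref_add_unless_zero(&o, 1);        /* 1 -> 2 */
    ref_add_stable(&o, 1);             /* 2 -> 3 */
    return atomic_load(&o.refcount);
}

/* Constructed scenario: fast-path grab on an object whose count is 0. */
static bool demo_dying_object(void)
{
    struct obj o;
    atomic_init(&o.refcount, 0);
    return ref_add_unless_zero(&o, 1); /* refused */
}

int main(void)
{
    return (demo_live_object() == 3 && !demo_dying_object()) ? 0 : 1;
}
```
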
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu