PT-2024-36978 · Linux+1 · Linux Kernel+1
Lu Baolu +1 · Published 2024-12-13 · Updated 2025-09-29 · CVE-2024-56668
CVSS v3.1: 5.5 Medium
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.13.0-rc1-00028-g4b50c3c3b998-dirty
Description
A NULL pointer dereference issue has been resolved in the Linux kernel's iommu/vt-d component. The issue occurs when trying to map pages to a nested parent domain, resulting in a NULL dereference. Additionally, there is a potential memory leak due to the lack of a lock around the domain->qi_batch allocation. The issue is fixed by adding a helper for qi_batch allocation and calling it in both the cache_tag_assign_domain() and cache_tag_assign_parent_domain() functions.
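The fix pattern described above, as an added userspace model in C (not the kernel patch itself). The struct layout, the pthread mutex standing in for the domain's lock, and the names model_domain, model_qi_batch_alloc and model_map_flush are assumptions made for illustration; only qi_batch and the two assign function names come from the description.

```c
#include <pthread.h>
#include <stdlib.h>

/* Userspace model only: layout and model_* names are assumptions. */
struct qi_batch { int index; };

struct model_domain {
    pthread_mutex_t lock;       /* stands in for the domain's lock */
    struct qi_batch *qi_batch;  /* lazily allocated, NULL until a tag is assigned */
    int allocs;                 /* allocation counter, exposes a double allocation */
};

/* Shared helper: the NULL check and the store happen under one lock, so two
 * callers cannot both allocate and overwrite each other's buffer (the leak). */
static int model_qi_batch_alloc(struct model_domain *d)
{
    int ret = 0;

    pthread_mutex_lock(&d->lock);
    if (!d->qi_batch) {
        d->qi_batch = calloc(1, sizeof(*d->qi_batch));
        if (d->qi_batch)
            d->allocs++;
        else
            ret = -1;
    }
    pthread_mutex_unlock(&d->lock);
    return ret;
}

/* Both assignment paths go through the helper. When the nested parent path
 * skips it, qi_batch is still NULL at the first map. */
int cache_tag_assign_domain(struct model_domain *d)
{
    return model_qi_batch_alloc(d);
}

int cache_tag_assign_parent_domain(struct model_domain *parent)
{
    return model_qi_batch_alloc(parent);
}

/* Map-time flush touches qi_batch. The model reports the unallocated state
 * with -1; kernel code dereferencing the pointer here would fault instead. */
int model_map_flush(struct model_domain *d)
{
    if (!d->qi_batch)
        return -1;
    d->qi_batch->index = 0;
    return 0;
}
```
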
Recommendations
To resolve the issue, update to a version of the Linux kernel that includes the fix for the qi batch NULL pointer dereference.
As a temporary workaround, consider disabling the iommu_map() function until a patch is available.
Restrict access to the intel_iommu_iotlb_sync_map() function to minimize the risk of exploitation.
Avoid using the domain->qi_batch variable in the affected API endpoints until the issue is resolved.
Apply the patch that adds a helper for qi_batch allocation and calls it in both the cache_tag_assign_domain() and cache_tag_assign_parent_domain() functions.
Exploit
Fix
NULL Pointer Dereference
Memory Leak
Related Identifiers
Affected Products
Alt Linux
Linux Kernel