CVE-2024-56669

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises from the current implementation of the Linux kernel, where cache tags are removed after disabling ATS, leading to potential memory leaks and kernel crashes. Specifically, CACHE TAG DEVTLB type cache tags may remain in the list even after the domain is freed, causing a use-after-free condition. This problem occurs when multiple VFs from different PFs are passed through to a single user-space process via vfio-pci, resulting in kernel crashes with messages like "BUG: kernel NULL pointer dereference". The cache tag flush range function is involved in the issue, and moving cache tag unassign domain before iommu disable pci caps can fix it.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.