PT-2025-3141 · Linux+5 · Linux Kernel+5

Published

2024-11-27

·

Updated

2025-05-29

·

CVE-2024-55881

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description The issue is related to the KVM: x86 component in the Linux kernel, specifically with the complete hypercall exit() function. It affects guests with protected state, such as SEV-ES and SEV-SNP. The problem arises when detecting 64-bit hypercalls, as the vCPU state needed for detection is unavailable. This leads to a warning when a specific hypercall is generated via VMGEXIT. The estimated number of potentially affected devices is not provided.
Recommendations For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting the use of the complete hypercall exit() function until a patch is available. Additionally, be cautious when using the KVM HC MAP GPA RANGE hypercall via VMGEXIT to avoid triggering the warning.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-07753
CVE-2024-55881
DLA-4076-1
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1446
OESA-2025-1450
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7407-1
USN-7421-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu