Linux Kernel Vulnerability in KVM Affecting AMD's SEV-ES and SEV-SNP Implementations
CVE-2024-55881

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
11 January 2025

What is CVE-2024-55881?

A vulnerability in the Linux kernel's KVM component can lead to improper handling of hypercalls for protected guests utilizing AMD's SEV-ES and SEV-SNP features. The issue arises from the incorrect detection of 64-bit hypercall mode during the exit process, where the state of the vCPU does not reveal whether a hypercall was made in 64-bit mode. This oversight could potentially allow unauthorized access or manipulation of virtual machine functionalities. Prompt patching is recommended to mitigate the risk associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 5969e2435cbd7f0ce8c28d717bfc39987ee8d8f1 < 0840d360a8909c722fb62459f42836afe32ededb

Linux b5aead0064f33ae5e693a364e3204fe1c0ac9af2 < 7ed4db315094963de0678a8adfd43c46471b9349

Linux b5aead0064f33ae5e693a364e3204fe1c0ac9af2 < 3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6

References

https://git.kernel.org/stable/c/0840d360a8909c722fb62459f...
https://git.kernel.org/stable/c/7ed4db315094963de0678a8ad...
https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf52...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.