Memory Decryption Vulnerability in Linux Kernel Affecting CoCo VMs
CVE-2024-57793
Currently unrated
Summary
In the Linux kernel, an untrusted host can cause the set_memory_decrypted() function to fail in confidential computing (CoCo) virtual machines (VMs). When the function fails, decrypted memory may be inadvertently leaked by being shared with the page allocator instead of the error being handled properly. This can lead to both functional and security problems, and it underscores the need for careful error handling in memory operations.
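The failure mode from the summary, as an added userspace model in C (not kernel code and not the upstream patch). All names and page data are constructed for illustration, and withholding the pages on failure is this example's assumed way of handling the error.

```c
/* Userspace model with constructed data; no kernel API is called. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NPAGES 8
static struct { bool shared, in_free_pool; } pages[NPAGES];

/* Stand-in for set_memory_decrypted(): the host can make it fail part-way,
 * so pages before fail_at are already shared when the error comes back. */
static int model_set_memory_decrypted(size_t n, size_t fail_at)
{
    for (size_t i = 0; i < n; i++) {
        if (i == fail_at)
            return -1;
        pages[i].shared = true;
    }
    return 0;
}

/* Stand-in for handing the pages back to the page allocator. */
static void model_free_pages(size_t n)
{
    for (size_t i = 0; i < n; i++)
        pages[i].in_free_pool = true;
}

/* Run one allocation attempt and count pages that end up both host-visible
 * and reusable by the guest. free_on_error=true is the flawed caller; false
 * is the assumed mitigation of withholding pages whose state is unknown. */
size_t exposed_after_attempt(size_t fail_at, bool free_on_error)
{
    size_t exposed = 0;

    memset(pages, 0, sizeof(pages));
    if (model_set_memory_decrypted(NPAGES, fail_at) && free_on_error)
        model_free_pages(NPAGES);
    for (size_t i = 0; i < NPAGES; i++)
        exposed += pages[i].shared && pages[i].in_free_pool;
    return exposed;
}

int main(void)
{
    printf("flawed: %zu exposed, careful: %zu exposed\n",
           exposed_after_attempt(3, true), exposed_after_attempt(3, false));
    return 0;
}
```

A failure at the first page exposes nothing in either variant, which is why the partial-conversion case is the one worth testing.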
Affected Version(s)
Linux f4738f56d1dc62aaba69b33702a5ab098f1b8c63 < 1429ae7b7d4759a1e362456b8911c701bae655b4
Linux f4738f56d1dc62aaba69b33702a5ab098f1b8c63 < 27834971f616c5e154423c578fa95e0444444ce1
Linux 6.7
Timeline
Vulnerability published
Vulnerability Reserved