NVD

CVE-2024-26598 Detail

Modified

This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command. The root of the problem is that vgic_its_check_cache() does not elevate the refcount on the vgic_irq before dropping the lock that serializes refcount changes. Have vgic_its_check_cache() raise the refcount on the returned vgic_irq and add the corresponding decrement after queueing the interrupt.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: 7.8 HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

ADP: CISA-ADP

Base Score: 7.8 HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource
https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4	Patch
https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1	Patch
https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f	Patch
https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703	Patch
https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88	Patch
https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6	Patch
https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80	Patch

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-416	Use After Free	NIST CISA-ADP

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

8 change records found show changes

Modified Analysis by NIST 8/27/2024 10:34:41 AM

Action

Type

Old Value

New Value

Added

CPE Configuration

OR
     *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Changed

CPE Configuration

Record truncated, showing 500 of 633 characters.
View Entire Change Record

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 5.4.269
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5.0 up to (excluding) 5.10.209
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11.0 up to (excluding) 5.15.148
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16.0 up to (excluding) 6.1.75
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2.

Record truncated, showing 500 of 644 characters.
View Entire Change Record

OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.4 up to (excluding) 5.4.269
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.209
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.148
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.75
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (

Changed

Reference Type

https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html No Types Assigned

https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html Mailing List, Third Party Advisory

Initial Analysis by NIST 4/17/2024 3:40:31 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		Record truncated, showing 500 of 633 characters. View Entire Change Record OR cpe:2.3:o:linux:linux_kernel::::::::* versions up to (excluding) 5.4.269 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.5.0 up to (excluding) 5.10.209 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.11.0 up to (excluding) 5.15.148 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 5.16.0 up to (excluding) 6.1.75 cpe:2.3:o:linux:linux_kernel::::::::* versions from (including) 6.2.
Added	CVSS V3.1		NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-416
Changed	Reference Type	https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4 No Types Assigned	https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1 No Types Assigned	https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f No Types Assigned	https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f Patch
Changed	Reference Type	https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703 No Types Assigned	https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88 No Types Assigned	https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6 No Types Assigned	https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6 Patch
Changed	Reference Type	https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80 No Types Assigned	https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80 Patch

New CVE Received by NIST 2/23/2024 10:15:09 AM

Action	Type	New Value
Added	Description	Record truncated, showing 500 of 597 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command. The root of the problem is that vgic_its_check_cache() does not elevate the refcount on the vgic_irq before dropping the lock that serializes refcount changes. Have vgic_its_check_cache() raise the re
Added	Reference	Linux https://git.kernel.org/stable/c/12c2759ab1343c124ed46ba48f27bd1ef5d2dff4 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/65b201bf3e9af1b0254243a5881390eda56f72d1 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/ad362fe07fecf0aba839ff2cc59a3617bd42c33f [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/ba7be666740847d967822bed15500656b26bc703 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/d04acadb6490aa3314f9c9e087691e55de153b88 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/dba788e25f05209adf2b0175eb1691dc89fb1ba6 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/dd3956a1b3dd11f46488c928cb890d6937d1ca80 [No types assigned]

Quick Info

CVE Dictionary Entry:
CVE-2024-26598
NVD Published Date:
02/23/2024
NVD Last Modified:
11/05/2024
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2024-26598 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by kernel.org 11/05/2024 5:15:29 AM

Modified Analysis by NIST 8/27/2024 10:34:41 AM

CVE Modified by CISA-ADP 8/07/2024 12:35:03 PM

CVE Modified by kernel.org 6/25/2024 5:15:57 PM

CVE Modified by kernel.org 5/29/2024 2:16:37 AM

CVE Modified by kernel.org 5/14/2024 11:09:19 AM

Initial Analysis by NIST 4/17/2024 3:40:31 PM

New CVE Received by NIST 2/23/2024 10:15:09 AM

Quick Info