Main Vulnerability Database SB20240531420

SB20240531420 - NULL pointer dereference in Linux kernel iommu intel driver

Published: May 31, 2024 Updated: May 14, 2025

Security Bulletin ID SB20240531420

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2024-27079)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the intel_pasid_setup_nested() function in drivers/iommu/intel/pasid.c, within the domain_context_clear() and intel_iommu_release_device() functions in drivers/iommu/intel/iommu.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/333fe86968482ca701c609af590003bcea450e8f
https://git.kernel.org/stable/c/81e921fd321614c2ad8ac333b041aae1da7a1c6d
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.2