CVE-2024-53232

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/3be34fa1cdbf180c1a948cfededfdf2cdc497199", "name": "https://git.kernel.org/stable/c/3be34fa1cdbf180c1a948cfededfdf2cdc497199", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/bd89d94f3ea6fdaee983cbc69226a00b9bde6d59", "name": "https://git.kernel.org/stable/c/bd89d94f3ea6fdaee983cbc69226a00b9bde6d59", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/ecda483339a5151e3ca30d6b82691ef6f1d17912", "name": "https://git.kernel.org/stable/c/ecda483339a5151e3ca30d6b82691ef6f1d17912", "tags": ["Patch"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/s390: Implement blocking domain\n\nThis fixes a crash when surprise hot-unplugging a PCI device. This crash\nhappens because during hot-unplug __iommu_group_set_domain_nofail()\nattaching the default domain fails when the platform no longer\nrecognizes the device as it has already been removed and we end up with\na NULL domain pointer and UAF. This is exactly the case referred to in\nthe second comment in __iommu_device_set_domain() and just as stated\nthere if we can instead attach the blocking domain the UAF is prevented\nas this can handle the already removed device. Implement the blocking\ndomain to use this handling. With this change, the crash is fixed but\nwe still hit a warning attempting to change DMA ownership on a blocked\ndevice."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-476"}, {"lang": "en", "value": "CWE-416"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-53232", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-12-27T14:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.12.2", "versionStartIncluding": "6.12"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.11.11", "versionStartIncluding": "6.7"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-02-10T18:15Z"}