Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. In the logic establishing these mappings, error handling was flawed, resulting in such mappings to potentially remain in place when they should have been removed again. Respective guests would then gain access to memory regions which they aren't supposed to have access to.
History

Fri, 22 Nov 2024 12:00:00 +0000


Wed, 25 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Xen
Xen xen
Weaknesses CWE-400
CPEs cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*
Vendors & Products Xen
Xen xen
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 25 Sep 2024 10:45:00 +0000

Type Values Removed Values Added
Description Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. In the logic establishing these mappings, error handling was flawed, resulting in such mappings to potentially remain in place when they should have been removed again. Respective guests would then gain access to memory regions which they aren't supposed to have access to.
Title error handling in x86 IOMMU identity mapping
References

cve-icon MITRE

Status: PUBLISHED

Assigner: XEN

Published: 2024-09-25T10:31:43.523Z

Updated: 2024-09-25T13:29:33.308Z

Reserved: 2024-03-28T18:14:12.893Z

Link: CVE-2024-31145

cve-icon Vulnrichment

Updated: 2024-09-25T11:02:50.356Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-25T11:15:12.133

Modified: 2024-11-21T09:12:55.410

Link: CVE-2024-31145

cve-icon Redhat

No data.