CVE-2024-44948— x86/mtrr: Check if fixed MTRRs exist before saving them
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-44948
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
x86/mtrr: Check if fixed MTRRs exist before saving them
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching control of the 640K-1MB region that uses separate MSRs. This fixed variant has a separate capability bit in the MTRR capability MSR. So far all x86 CPUs which support MTRR have this separate bit set, so it went unnoticed that mtrr_save_state() does not check the capability bit before accessing the fixed MTRR MSRs. Though on a CPU that does not support the fixed MTRR capability this results in a #GP. The #GP itself is harmless because the RDMSR fault is handled gracefully, but results in a WARN_ON(). Add the missing capability check to prevent this.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于x86/mtrr组件存在固定MTRRs存在性检查漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-44948
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-44948
请登录查看更多情报信息。
Same Patch Batch · Linux · 2024-09-04 · 58 CVEs total
| CVE-2024-44991 | tcp: prevent concurrent execution of tcp_sk_exit_batch | |
| CVE-2024-45002 | rtla/osnoise: Prevent NULL dereference in error handling | |
| CVE-2024-45006 | xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration | |
| CVE-2024-45004 | KEYS: trusted: dcp: fix leak of blob encryption key | |
| CVE-2024-45003 | vfs: Don't evict inode under the inode lru traversing context | |
| CVE-2024-45005 | KVM: s390: fix validity interception issue when gisa is switched off | |
| CVE-2024-44994 | iommu: Restore lost return in iommu_report_device_fault() | |
| CVE-2024-44993 | drm/v3d: Fix out-of-bounds read in `v3d_csd_job_run()` | |
| CVE-2024-44992 | smb/client: avoid possible NULL dereference in cifs_free_subrequest() | |
| CVE-2024-44990 | bonding: fix null pointer deref in bond_ipsec_offload_ok | |
| CVE-2024-44995 | net: hns3: fix a deadlock problem when config TC during resetting | |
| CVE-2024-44989 | bonding: fix xfrm real_dev null pointer dereference | |
| CVE-2024-44988 | net: dsa: mv88e6xxx: Fix out-of-bound access | |
| CVE-2024-44987 | ipv6: prevent UAF in ip6_send_skb() | |
| CVE-2024-44986 | ipv6: fix possible UAF in ip6_finish_output2() | |
| CVE-2024-44985 | ipv6: prevent possible UAF in ip6_xmit() | |
| CVE-2024-44983 | netfilter: flowtable: validate vlan header | |
| CVE-2024-44984 | bnxt_en: Fix double DMA unmapping for XDP_REDIRECT | |
| CVE-2024-44982 | drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails | |
| CVE-2024-44981 | workqueue: Fix UBSAN 'subtraction overflow' error in shift_and_mask() |
Showing top 20 of 58 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2024-44948
No comments yet