CVE-2024-40989

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-40989
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40989.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-40989
Downstream
Related
Published
2024-07-12T12:37:33Z
Modified
2025-10-17T08:22:08.946313Z
Summary
KVM: arm64: Disassociate vcpus from redistributor region on teardown
Details

In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Disassociate vcpus from redistributor region on teardown

When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e5a35635464bc5304674b84ea42615a3fd0bd949
Fixed
68df4fc449fcc24347209e500ce26d5816705a77
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e5a35635464bc5304674b84ea42615a3fd0bd949
Fixed
48bb62859d47c5c4197a8c01128d0fa4f46ee58c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e5a35635464bc5304674b84ea42615a3fd0bd949
Fixed
152b4123f21e6aff31cea01158176ad96a999c76
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e5a35635464bc5304674b84ea42615a3fd0bd949
Fixed
0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8

Affected versions

v5.*

v5.12
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.1.93
v6.1.94
v6.1.95
v6.10-rc1
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v6.9.6

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "digest": {
            "length": 88.0,
            "function_hash": "275952759591055993801075915722653491702"
        },
        "id": "CVE-2024-40989-002df42d",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_free_redist_region",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 590.0,
            "function_hash": "209086483030875701187416370234429329206"
        },
        "id": "CVE-2024-40989-07960b1b",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@68df4fc449fcc24347209e500ce26d5816705a77",
        "deprecated": false,
        "target": {
            "function": "kvm_vgic_dist_destroy",
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 88.0,
            "function_hash": "275952759591055993801075915722653491702"
        },
        "id": "CVE-2024-40989-1ff5b0f0",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_free_redist_region",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 621.0,
            "function_hash": "8322872220473735557896535497847631962"
        },
        "id": "CVE-2024-40989-38efee82",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@152b4123f21e6aff31cea01158176ad96a999c76",
        "deprecated": false,
        "target": {
            "function": "kvm_vgic_dist_destroy",
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "73476334808431446020558470346622715295",
                "226283670366822899589870708565048753758",
                "83100366392891682691560679375577865666",
                "197895344425616365389578381498908970142",
                "206700142233924492875361459361680797080",
                "103609487316081694862149222922875600669",
                "48743646716189751754315135112840173921",
                "294441909388968464846891602417871978615",
                "148326777741722534566991189684792521556"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-4136a643",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@152b4123f21e6aff31cea01158176ad96a999c76",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "302449676333689576856128706563822681147",
                "37618935820291496444712625441919899501",
                "60307087501120089810509857798094234129",
                "229415243127182595908913627731284211418"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-4429fd2d",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@152b4123f21e6aff31cea01158176ad96a999c76",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic.h"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "302449676333689576856128706563822681147",
                "37618935820291496444712625441919899501",
                "60307087501120089810509857798094234129",
                "229415243127182595908913627731284211418"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-4677ee8a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic.h"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 479.0,
            "function_hash": "122388688744785646874386715993369723634"
        },
        "id": "CVE-2024-40989-58144e22",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@152b4123f21e6aff31cea01158176ad96a999c76",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_set_redist_base",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 574.0,
            "function_hash": "255989014590597965620187217671272697931"
        },
        "id": "CVE-2024-40989-60eecc7b",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
        "deprecated": false,
        "target": {
            "function": "kvm_vgic_dist_destroy",
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "302449676333689576856128706563822681147",
                "37618935820291496444712625441919899501",
                "60307087501120089810509857798094234129",
                "229415243127182595908913627731284211418"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-6f2c82dc",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic.h"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "73476334808431446020558470346622715295",
                "226283670366822899589870708565048753758",
                "83100366392891682691560679375577865666",
                "197895344425616365389578381498908970142",
                "206700142233924492875361459361680797080",
                "103609487316081694862149222922875600669",
                "48743646716189751754315135112840173921",
                "294441909388968464846891602417871978615",
                "148326777741722534566991189684792521556"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-73664fe6",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "73476334808431446020558470346622715295",
                "226283670366822899589870708565048753758",
                "83100366392891682691560679375577865666",
                "197895344425616365389578381498908970142",
                "206700142233924492875361459361680797080",
                "103609487316081694862149222922875600669",
                "48743646716189751754315135112840173921",
                "294441909388968464846891602417871978615",
                "148326777741722534566991189684792521556"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-7c1e7bb0",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@68df4fc449fcc24347209e500ce26d5816705a77",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "303273734760237955985954526834894108078",
                "28191957754829465156926066600131072405",
                "97557696315326965146099622390662865781",
                "47009871880376505769073083671833620318"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-7f47885e",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "303273734760237955985954526834894108078",
                "28191957754829465156926066600131072405",
                "97557696315326965146099622390662865781",
                "47009871880376505769073083671833620318"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-a3049d80",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "303273734760237955985954526834894108078",
                "28191957754829465156926066600131072405",
                "97557696315326965146099622390662865781",
                "47009871880376505769073083671833620318"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-b72249e7",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@152b4123f21e6aff31cea01158176ad96a999c76",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 88.0,
            "function_hash": "275952759591055993801075915722653491702"
        },
        "id": "CVE-2024-40989-bba586f0",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@152b4123f21e6aff31cea01158176ad96a999c76",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_free_redist_region",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "303273734760237955985954526834894108078",
                "28191957754829465156926066600131072405",
                "97557696315326965146099622390662865781",
                "47009871880376505769073083671833620318"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-bebc033c",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@68df4fc449fcc24347209e500ce26d5816705a77",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "73476334808431446020558470346622715295",
                "226283670366822899589870708565048753758",
                "83100366392891682691560679375577865666",
                "197895344425616365389578381498908970142",
                "206700142233924492875361459361680797080",
                "103609487316081694862149222922875600669",
                "48743646716189751754315135112840173921",
                "294441909388968464846891602417871978615",
                "148326777741722534566991189684792521556"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-c3501571",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Line"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 88.0,
            "function_hash": "275952759591055993801075915722653491702"
        },
        "id": "CVE-2024-40989-d1132c46",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@68df4fc449fcc24347209e500ce26d5816705a77",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_free_redist_region",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 479.0,
            "function_hash": "122388688744785646874386715993369723634"
        },
        "id": "CVE-2024-40989-dc58a8eb",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_set_redist_base",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 479.0,
            "function_hash": "122388688744785646874386715993369723634"
        },
        "id": "CVE-2024-40989-dddb9125",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@68df4fc449fcc24347209e500ce26d5816705a77",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_set_redist_base",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 590.0,
            "function_hash": "209086483030875701187416370234429329206"
        },
        "id": "CVE-2024-40989-dfd2d220",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48bb62859d47c5c4197a8c01128d0fa4f46ee58c",
        "deprecated": false,
        "target": {
            "function": "kvm_vgic_dist_destroy",
            "file": "arch/arm64/kvm/vgic/vgic-init.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 479.0,
            "function_hash": "122388688744785646874386715993369723634"
        },
        "id": "CVE-2024-40989-e0dd3cd6",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8",
        "deprecated": false,
        "target": {
            "function": "vgic_v3_set_redist_base",
            "file": "arch/arm64/kvm/vgic/vgic-mmio-v3.c"
        },
        "signature_type": "Function"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "302449676333689576856128706563822681147",
                "37618935820291496444712625441919899501",
                "60307087501120089810509857798094234129",
                "229415243127182595908913627731284211418"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-40989-f5c91ba1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@68df4fc449fcc24347209e500ce26d5816705a77",
        "deprecated": false,
        "target": {
            "file": "arch/arm64/kvm/vgic/vgic.h"
        },
        "signature_type": "Line"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.13.0
Fixed
6.1.96
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.36
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.7