CVE-2024-57793

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-57793

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-57793.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-57793

Downstream

BELL-CVE-2024-57793

DEBIAN-CVE-2024-57793

SUSE-SU-2025:02387-1

SUSE-SU-2025:02388-1

SUSE-SU-2025:02403-1

SUSE-SU-2025:02410-1

SUSE-SU-2025:02411-1

SUSE-SU-2025:02412-1

SUSE-SU-2025:02413-1

SUSE-SU-2025:02449-1

SUSE-SU-2025:02459-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:0428-1

SUSE-SU-2025:0499-1

SUSE-SU-2025:0556-1

SUSE-SU-2025:0557-1

SUSE-SU-2025:0577-1

SUSE-SU-2025:0577-2

UBUNTU-CVE-2024-57793

USN-7379-1

USN-7381-1

USN-7382-1

USN-7513-1

USN-7513-2

USN-7513-3

USN-7513-4

USN-7513-5

USN-7514-1

USN-7515-1

USN-7515-2

USN-7522-1

USN-7523-1

USN-7524-1

Related

Published

2025-01-11T12:39:47Z

Modified

2025-10-17T19:50:01.368231Z

Summary

virt: tdx-guest: Just leak decrypted memory on unrecoverable errors

Details

In the Linux kernel, the following vulnerability has been resolved:

virt: tdx-guest: Just leak decrypted memory on unrecoverable errors

In CoCo VMs it is possible for the untrusted host to cause setmemorydecrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues.

Leak the decrypted memory when setmemorydecrypted() fails, and don't need to print an error since setmemorydecrypted() will call WARN_ONCE().

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f4738f56d1dc62aaba69b33702a5ab098f1b8c63

Fixed

1429ae7b7d4759a1e362456b8911c701bae655b4

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f4738f56d1dc62aaba69b33702a5ab098f1b8c63

Fixed

27834971f616c5e154423c578fa95e0444444ce1

Affected versions

v6.*

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.12

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.12-rc4

v6.12-rc5

v6.12-rc6

v6.12-rc7

v6.12.1

v6.12.2

v6.12.3

v6.12.4

v6.12.5

v6.12.6

v6.12.7

v6.13-rc1

v6.13-rc2

v6.13-rc3

v6.13-rc4

v6.6

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.8