CVE-2024-53135

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 4, 2024
Updated: Dec 14, 2024

Summary

CVE-2024-53135 is a vulnerability in the Linux kernel's KVM virtualization code that exposes both guest and host systems to risk. The vulnerability lies in the handling of Intel PT virtualization, which is hidden behind the CONFIG_BROKEN flag by default. KVM's implementation of Intel PT virtualization contains numerous bugs, some of which can be fatal to the guest. One critical problem is that KVM fails to disable guest tracing prior to VM-Enter, which violates Intel's specifications. On the host side, KVM does not validate the guest CPUID configuration, yet relies on it for MSR handling at VM-Enter and VM-Exit. This can result in attempts to pass through, save, and load non-existent MSRs, leading to various warnings, errors, and potential deadlocks.