{"uuid": "f65e551f-2d40-4af5-9cb8-97e97d58e681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-46794", "type": "seen", "source": "https://t.me/cvedetector/5926", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46794 - Linux Kernel TDX x86 Memory Leak\", \n  \"Content\": \"CVE ID : CVE-2024-46794 \nPublished : Sept. 18, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nx86/tdx: Fix data leak in mmio_read()  \n  \nThe mmio_read() function makes a TDVMCALL to retrieve MMIO data for an  \naddress from the VMM.  \n  \nSean noticed that mmio_read() unintentionally exposes the value of an  \ninitialized variable (val) on the stack to the VMM.  \n  \nThis variable is only needed as an output value. It did not need to be  \npassed to the VMM in the first place.  \n  \nDo not send the original value of *val to the VMM.  \n  \n[ dhansen: clarify what 'val' is used for. ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T10:52:23.000000Z"}