{"vulnerability": "CVE-2024-56668", "sightings": [{"uuid": "d8c58937-af79-4b42-949c-31d3093ab7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56668", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecc2pa2be25", "content": "", "creation_timestamp": "2024-12-27T15:20:51.351342Z"}, {"uuid": "4bb8e004-f214-4632-8491-5307bc55ad18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-56668", "type": "seen", "source": "https://t.me/cvedetector/13771", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56668 - Intel IOMMU vt-d IOMMU NULL Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56668 \nPublished : Dec. 27, 2024, 3:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \niommu/vt-d: Fix qi_batch NULL pointer with nested parent domain  \n  \nThe qi_batch is allocated when assigning cache tag for a domain. While  \nfor nested parent domain, it is missed. Hence, when trying to map pages  \nto the nested parent, NULL dereference occurred. Also, there is potential  \nmemleak since there is no lock around domain->qi_batch allocation.  \n  \nTo solve it, add a helper for qi_batch allocation, and call it in both  \nthe __cache_tag_assign_domain() and __cache_tag_assign_parent_domain().  \n  \n  BUG: kernel NULL pointer dereference, address: 0000000000000200  \n  #PF: supervisor read access in kernel mode  \n  #PF: error_code(0x0000) - not-present page  \n  PGD 8104795067 P4D 0  \n  Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI  \n  CPU: 223 UID: 0 PID: 4357 Comm: qemu-system-x86 Not tainted 6.13.0-rc1-00028-g4b50c3c3b998-dirty #2632  \n  Call Trace:  \n   ? __die+0x24/0x70  \n   ? page_fault_oops+0x80/0x150  \n   ? do_user_addr_fault+0x63/0x7b0  \n   ? exc_page_fault+0x7c/0x220  \n   ? asm_exc_page_fault+0x26/0x30  \n   ? cache_tag_flush_range_np+0x13c/0x260  \n   intel_iommu_iotlb_sync_map+0x1a/0x30  \n   iommu_map+0x61/0xf0  \n   batch_to_domain+0x188/0x250  \n   iopt_area_fill_domains+0x125/0x320  \n   ? rcu_is_watching+0x11/0x50  \n   iopt_map_pages+0x63/0x100  \n   iopt_map_common.isra.0+0xa7/0x190  \n   iopt_map_user_pages+0x6a/0x80  \n   iommufd_ioas_map+0xcd/0x1d0  \n   iommufd_fops_ioctl+0x118/0x1c0  \n   __x64_sys_ioctl+0x93/0xc0  \n   do_syscall_64+0x71/0x140  \n   entry_SYSCALL_64_after_hwframe+0x76/0x7e \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T16:51:04.000000Z"}]}