Bug 2309857 (CVE-2024-44994)

Summary: CVE-2024-44994 kernel: iommu: Restore lost return in iommu_report_device_fault()
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dfreiber, drow, jburrell, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2309918    
Bug Blocks:    

Description OSIDB Bzimport 2024-09-04 20:22:10 UTC 
In the Linux kernel, the following vulnerability has been resolved:

iommu: Restore lost return in iommu_report_device_fault()

When iommu_report_device_fault gets called with a partial fault it is
supposed to collect the fault into the group and then return.

Instead the return was accidently deleted which results in trying to
process the fault and an eventual crash.

Deleting the return was a typo, put it back.
Comment 1 Robb Gatica 2024-09-04 21:42:30 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024090448-CVE-2024-44994-9c09@gregkh/T
Comment 2 errata-xmlrpc 2024-12-11 00:58:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:10939 https://access.redhat.com/errata/RHSA-2024:10939