
Cloud Vulnerability DB
A community-led vulnerabilities database
A vulnerability was discovered in the Linux kernel's Intel Virtualization Technology for Directed I/O (VT-d) subsystem. The issue stems from an incorrect assumption in commit 1a75cc710b95 that each device has a unique source ID when tracking IOMMU probed devices in an rbtree data structure. This assumption is not supported by the VT-d specification (Kernel Commit).
The vulnerability affects the IOMMU probe path in the Linux kernel's VT-d implementation. The issue occurs when the system attempts to track devices probed by the IOMMU driver in an rbtree indexed by the source ID of each device. The rbtree is used only for handling ATS (Address Translation Services) invalidation timeout errors and PRI (Page Request Interface) I/O page faults, both of which relate to the PCI ATS feature (Kernel Commit).
When triggered, the vulnerability results in a kernel warning (WARN_ON) and can lead to IOMMU probe failure on affected platforms. This can cause system instability and potentially affect the proper functioning of device I/O operations that rely on IOMMU functionality (Kernel Commit).
The issue has been fixed by modifying the device tracking logic to only include devices that have PCI ATS capabilities in the rbtree. This change prevents unnecessary WARN_ON triggers in the IOMMU probe path while maintaining the required functionality for ATS-related features (Kernel Commit).
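The tracking logic before and after the fix can be modelled in a few lines. This is an added illustration, not the kernel's code: a plain binary search tree stands in for the kernel rbtree, and the struct, the function names and the sample source IDs are all hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified model: a plain binary search tree stands in for the kernel rbtree. */
struct dev_info {
    uint16_t sid;        /* source ID used as the tree key */
    bool ats_supported;  /* device has the PCI ATS capability */
    struct dev_info *left, *right;
};

/* Insert keyed by source ID; -1 on a duplicate key, the case that hit WARN_ON. */
static int tree_insert(struct dev_info **root, struct dev_info *info)
{
    while (*root) {
        if (info->sid == (*root)->sid)
            return -1;
        root = info->sid < (*root)->sid ? &(*root)->left : &(*root)->right;
    }
    info->left = info->right = NULL;
    *root = info;
    return 0;
}

/* ats_only=false: track every probed device (before); true: ATS devices only (after). */
static int probe_device(struct dev_info **root, struct dev_info *info, bool ats_only)
{
    if (ats_only && !info->ats_supported)
        return 0; /* not tracked, probe continues */
    return tree_insert(root, info);
}

/* Probe a constructed device set (two non-ATS devices share source ID 0x0100);
 * returns the number of failed probes. */
static int count_probe_failures(bool ats_only)
{
    struct dev_info devs[] = {
        { .sid = 0x0100, .ats_supported = false },
        { .sid = 0x0100, .ats_supported = false },
        { .sid = 0x0200, .ats_supported = true  },
    };
    struct dev_info *root = NULL;
    int failures = 0;
    for (size_t i = 0; i < sizeof(devs) / sizeof(devs[0]); i++)
        if (probe_device(&root, &devs[i], ats_only) != 0)
            failures++;
    return failures;
}

int main(void) { return count_probe_failures(true); }
```

In this model the second device with the shared source ID fails to probe when every device is tracked, and no probe fails once non-ATS devices are left out of the tree.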
Source: This report was generated using AI