CVE-2024-36913: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's Microsoft Hyper-V VMBus driver has been identified (CVE-2024-36913). The issue was discovered in May 2024 and affects the memory encryption handling in Confidential Computing (CoCo) Virtual Machines. In CoCo VMs, an untrusted host can cause setmemoryencrypted() or setmemorydecrypted() functions to fail, resulting in memory being improperly shared (Kernel Commit).

The vulnerability exists in the VMBus code where failed memory encryption/decryption operations could lead to decrypted (shared) memory being returned to the page allocator. When setmemoryencrypted() or setmemorydecrypted() fails, the encryption state of the memory becomes unknown. The issue specifically affects the drivers/hv/connection.c file in the Linux kernel. The vulnerability has been assigned a CVSS v3.1 base score of 8.1 HIGH with vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (CISA ADP).

If exploited, this vulnerability could lead to functional or security issues by exposing sensitive memory contents. The main risk is that decrypted (shared) memory could be returned to the page allocator, potentially allowing access to confidential data that should remain encrypted in CoCo VMs (Kernel Commit).

The issue has been patched in the Linux kernel by modifying the VMBus code to leak pages instead of returning them to the free list when setmemoryencrypted() or setmemorydecrypted() fails. This prevents potentially decrypted memory from being reused. The fix involves changes to the memory handling in the vmbusconnect() and vmbusdisconnect() functions (Kernel Commit).