CVE-2024-36913: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's Microsoft Hyper-V VMBus driver has been identified (CVE-2024-36913). The issue was discovered in May 2024 and affects the memory encryption handling in Confidential Computing (CoCo) Virtual Machines. In CoCo VMs, an untrusted host can cause set_memory_encrypted() or set_memory_decrypted() functions to fail, resulting in memory being improperly shared (Kernel Commit).

The vulnerability exists in the VMBus code where failed memory encryption/decryption operations could lead to decrypted (shared) memory being returned to the page allocator. When set_memory_encrypted() or set_memory_decrypted() fails, the encryption state of the memory becomes unknown. The issue specifically affects the drivers/hv/connection.c file in the Linux kernel. The vulnerability has been assigned a CVSS v3.1 base score of 8.1 HIGH with vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H (CISA ADP).

If exploited, this vulnerability could lead to functional or security issues by exposing sensitive memory contents. The main risk is that decrypted (shared) memory could be returned to the page allocator, potentially allowing access to confidential data that should remain encrypted in CoCo VMs (Kernel Commit).

The issue has been patched in the Linux kernel by modifying the VMBus code to leak pages instead of returning them to the free list when set_memory_encrypted() or set_memory_decrypted() fails. This prevents potentially decrypted memory from being reused. The fix involves changes to the memory handling in the vmbus_connect() and vmbus_disconnect() functions (Kernel Commit).