CVE-2024-46707: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-46707 is a vulnerability in the Linux kernel affecting the KVM (Kernel-based Virtual Machine) subsystem on ARM64 architectures. The vulnerability was discovered by Alexander Potapenko and disclosed on September 13, 2024. It affects multiple versions of the Linux kernel, including versions up to 5.10.225, 5.15.166, 6.1.107, 6.6.48, and 6.10.7 (NVD).

The vulnerability occurs in the ARM64 KVM implementation when handling ICCSGIEL1 registers on systems with GICv3 (Generic Interrupt Controller version 3). When a guest system is not configured with GICv3 and the host cannot emulate GICv2, writes to ICCSGIEL1 registers are trapped to EL2, leading to a NULL pointer dereference due to no private interrupt being allocated. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a NULL pointer dereference in the kernel, potentially causing system crashes or denial of service conditions in affected systems. This primarily affects virtualized environments using KVM on ARM64 architectures with specific GIC configurations (NVD).

The vulnerability has been patched in the Linux kernel by implementing a fix that returns an UNDEF exception when ICCSGIEL1 registers are accessed without a properly configured vGICv3. The fix has been backported to multiple kernel versions. System administrators should update to patched kernel versions (Kernel Patch).