CVE-2024-50115: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50115 affects the Linux kernel's KVM (Kernel-based Virtual Machine) nested SVM (Secure Virtual Machine) functionality. The vulnerability was discovered in October 2024 and involves improper handling of nCR3 bits when loading PDPTEs (Page Directory Pointer Table Entries) from memory. This issue affects Linux kernel versions from 3.2 through 6.11.6 (NVD).

The vulnerability stems from a failure to ignore bits 4:0 of nCR3 when loading PDPTEs from memory for nested SVM. According to the AMD Programming Manual (APM), the page-directory-pointer table should be aligned on a 32-byte boundary, with the low 5 address bits (4:0) assumed to be 0. While KVM correctly handles this requirement when loading PDPTRs, the nested SVM flow was found to be broken. The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

In the worst-case scenario, this vulnerability can result in an out-of-bounds read, particularly if the target page is at the end of a memslot and the Virtual Machine Monitor (VMM) isn't using guard pages. This could potentially lead to information disclosure or system crashes (Kernel Patch).

The vulnerability has been patched in the Linux kernel by modifying the nestedsvmgettdppdptr function to properly mask the lower 5 bits of nCR3 when reading PDPTEs from memory. The fix has been backported to multiple stable kernel versions. Users should update their Linux kernel to a patched version (Kernel Patch).