CVE-2024-57999: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-57999 affects the Linux kernel's powerpc/pseries/iommu subsystem. The vulnerability was discovered when the Power Hypervisor allocated an MMIO window that intersects with the Dynamic DMA Window (DDW) range over 32-bit addressing. The IOMMU incorrectly marks MMIO range in DDW, causing the system to crash with a kernel OOPS during boot (Kernel Git).

The vulnerability stems from two key issues in the code: 1) A type mismatch where the index is defined as "int" while the address is "unsigned long", resulting in negative values when setting the bitmap, and 2) The DMA offset is page shifted but the MMIO range is used as-is (64-bit address) without proper page shifting. This causes MMIO pages to not be marked correctly as reserved, allowing IOMMU to map DMA buffers in this range (Kernel Git).

When exploited, this vulnerability results in a kernel OOPS during system boot, causing a crash with the error "Unable to handle kernel data access on read". This affects Linux systems running on IBM POWER9 architecture with IOMMU and DDW configurations (Kernel Git).

The issue has been fixed in the Linux kernel through patches that: 1) Change the index type from 'int' to 'unsigned long' in iommu_table_reserve_pages(), and 2) Add proper page shifting for MMIO addresses in multiple locations within the pseries/iommu.c file. Users should update to the patched kernel version (Kernel Git).