CVE-2024-35939 (GCVE-0-2024-35939)

Vulnerability from cvelistv5 – Published: 2024-05-19 10:10 – Updated: 2026-01-05 10:35
VLAI?
Title
dma-direct: Leak pages on dma_set_decrypted() failure
Summary
In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dma_set_decrypted() failure On TDX it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues. DMA could free decrypted/shared pages if dma_set_decrypted() fails. This should be a rare case. Just leak the pages in this case instead of freeing them.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 56fccf21d1961a06e2a0c96ce446ebf036651062 , < 4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9 (git)
Affected: 56fccf21d1961a06e2a0c96ce446ebf036651062 , < 4031b72ca747a1e6e9ae4fa729e765b43363d66a (git)
Affected: 56fccf21d1961a06e2a0c96ce446ebf036651062 , < b57326c96b7bc7638aa8c44e12afa2defe0c934c (git)
Affected: 56fccf21d1961a06e2a0c96ce446ebf036651062 , < b9fa16949d18e06bdf728a560f5c8af56d2bdcaf (git)
Affected: 91c7b0407ca6a62c095d265f76926b67bf66c026 (git)
Create a notification for this product.
    Linux Linux Affected: 5.8
Unaffected: 0 , < 5.8 (semver)
Unaffected: 6.1.86 , ≤ 6.1.* (semver)
Unaffected: 6.6.27 , ≤ 6.6.* (semver)
Unaffected: 6.8.6 , ≤ 6.8.* (semver)
Unaffected: 6.9 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35939",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-20T14:32:53.392867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:34:33.840Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:49.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/dma/direct.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9",
              "status": "affected",
              "version": "56fccf21d1961a06e2a0c96ce446ebf036651062",
              "versionType": "git"
            },
            {
              "lessThan": "4031b72ca747a1e6e9ae4fa729e765b43363d66a",
              "status": "affected",
              "version": "56fccf21d1961a06e2a0c96ce446ebf036651062",
              "versionType": "git"
            },
            {
              "lessThan": "b57326c96b7bc7638aa8c44e12afa2defe0c934c",
              "status": "affected",
              "version": "56fccf21d1961a06e2a0c96ce446ebf036651062",
              "versionType": "git"
            },
            {
              "lessThan": "b9fa16949d18e06bdf728a560f5c8af56d2bdcaf",
              "status": "affected",
              "version": "56fccf21d1961a06e2a0c96ce446ebf036651062",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "91c7b0407ca6a62c095d265f76926b67bf66c026",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/dma/direct.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.86",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.27",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.86",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.27",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8.6",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.9",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.7.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-direct: Leak pages on dma_set_decrypted() failure\n\nOn TDX it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\nshould be a rare case. Just leak the pages in this case instead of\nfreeing them."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:35:53.529Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9"
        },
        {
          "url": "https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a"
        },
        {
          "url": "https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c"
        },
        {
          "url": "https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf"
        }
      ],
      "title": "dma-direct: Leak pages on dma_set_decrypted() failure",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35939",
    "datePublished": "2024-05-19T10:10:44.931Z",
    "dateReserved": "2024-05-17T13:50:33.131Z",
    "dateUpdated": "2026-01-05T10:35:53.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndma-direct: Leak pages on dma_set_decrypted() failure\\n\\nOn TDX it is possible for the untrusted host to cause\\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\\nerror is returned and the resulting memory is shared. Callers need to\\ntake care to handle these errors to avoid returning decrypted (shared)\\nmemory to the page allocator, which could lead to functional or security\\nissues.\\n\\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\\nshould be a rare case. Just leak the pages in this case instead of\\nfreeing them.\"}, {\"lang\": \"es\", \"value\": \" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-direct: p\\u00e1ginas filtradas en el fallo de dma_set_decrypted() En TDX es posible que el host que no es de confianza provoque que set_memory_encrypted() o set_memory_decrypted() falle de modo que se devuelva un error y la memoria resultante se comparte. Las personas que llaman deben tener cuidado al manejar estos errores para evitar devolver memoria descifrada (compartida) al asignador de p\\u00e1ginas, lo que podr\\u00eda provocar problemas funcionales o de seguridad. DMA podr\\u00eda liberar p\\u00e1ginas descifradas/compartidas si dma_set_decrypted() falla. Este deber\\u00eda ser un caso raro. En este caso, simplemente filtre las p\\u00e1ginas en lugar de liberarlas.\"}]",
      "id": "CVE-2024-35939",
      "lastModified": "2024-11-21T09:21:14.910",
      "published": "2024-05-19T11:15:49.690",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-35939\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-19T11:15:49.690\",\"lastModified\":\"2025-09-24T20:13:12.173\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndma-direct: Leak pages on dma_set_decrypted() failure\\n\\nOn TDX it is possible for the untrusted host to cause\\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\\nerror is returned and the resulting memory is shared. Callers need to\\ntake care to handle these errors to avoid returning decrypted (shared)\\nmemory to the page allocator, which could lead to functional or security\\nissues.\\n\\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\\nshould be a rare case. Just leak the pages in this case instead of\\nfreeing them.\"},{\"lang\":\"es\",\"value\":\" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: dma-direct: p\u00e1ginas filtradas en el fallo de dma_set_decrypted() En TDX es posible que el host que no es de confianza provoque que set_memory_encrypted() o set_memory_decrypted() falle de modo que se devuelva un error y la memoria resultante se comparte. Las personas que llaman deben tener cuidado al manejar estos errores para evitar devolver memoria descifrada (compartida) al asignador de p\u00e1ginas, lo que podr\u00eda provocar problemas funcionales o de seguridad. DMA podr\u00eda liberar p\u00e1ginas descifradas/compartidas si dma_set_decrypted() falla. Este deber\u00eda ser un caso raro. En este caso, simplemente filtre las p\u00e1ginas en lugar de liberarlas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.1.86\",\"matchCriteriaId\":\"FE734CE8-823E-4412-B78D-CBCE2100A702\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.27\",\"matchCriteriaId\":\"41504EFE-0C3F-4B7C-B855-EFE4FA9ACB84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.8.6\",\"matchCriteriaId\":\"22CA5433-1303-41EF-AD4C-F4645DC01541\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T03:21:49.028Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-35939\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-20T14:32:53.392867Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:24.857Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"dma-direct: Leak pages on dma_set_decrypted() failure\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"56fccf21d1961a06e2a0c96ce446ebf036651062\", \"lessThan\": \"4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"56fccf21d1961a06e2a0c96ce446ebf036651062\", \"lessThan\": \"4031b72ca747a1e6e9ae4fa729e765b43363d66a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"56fccf21d1961a06e2a0c96ce446ebf036651062\", \"lessThan\": \"b57326c96b7bc7638aa8c44e12afa2defe0c934c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"56fccf21d1961a06e2a0c96ce446ebf036651062\", \"lessThan\": \"b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"91c7b0407ca6a62c095d265f76926b67bf66c026\", \"versionType\": \"git\"}], \"programFiles\": [\"kernel/dma/direct.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.8\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.8\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.1.86\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.27\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.8.*\"}, {\"status\": \"unaffected\", \"version\": \"6.9\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"kernel/dma/direct.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4e0cfb25d49da2e6261ad582f58ffa5b5dd8c8e9\"}, {\"url\": \"https://git.kernel.org/stable/c/4031b72ca747a1e6e9ae4fa729e765b43363d66a\"}, {\"url\": \"https://git.kernel.org/stable/c/b57326c96b7bc7638aa8c44e12afa2defe0c934c\"}, {\"url\": \"https://git.kernel.org/stable/c/b9fa16949d18e06bdf728a560f5c8af56d2bdcaf\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndma-direct: Leak pages on dma_set_decrypted() failure\\n\\nOn TDX it is possible for the untrusted host to cause\\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\\nerror is returned and the resulting memory is shared. Callers need to\\ntake care to handle these errors to avoid returning decrypted (shared)\\nmemory to the page allocator, which could lead to functional or security\\nissues.\\n\\nDMA could free decrypted/shared pages if dma_set_decrypted() fails. This\\nshould be a rare case. Just leak the pages in this case instead of\\nfreeing them.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.86\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.27\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8.6\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.9\", \"versionStartIncluding\": \"5.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"5.7.7\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-01-05T10:35:53.529Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-35939\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-05T10:35:53.529Z\", \"dateReserved\": \"2024-05-17T13:50:33.131Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-19T10:10:44.931Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}