cve-2024-35875
Vulnerability from cvelistv5
Published
2024-05-19 08:34
Modified
2024-11-05 09:24
Severity ?
Summary
x86/coco: Require seeding RNG with RDRAND on CoCo systems
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-35875",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:38:48.795160Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:41:42.620Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:21:49.026Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/22943e4fe4b3a2dcbadc3d38d5bf840bbdbfe374"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/453b5f2dec276c1bb4ea078bf8c0da57ee4627e5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/08044b08b37528b82f70a87576c692b4e4b7716e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/99485c4c026f024e7cb82da84c7951dbe3deb584"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/coco/core.c",
            "arch/x86/include/asm/coco.h",
            "arch/x86/kernel/setup.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "22943e4fe4b3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "453b5f2dec27",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "08044b08b375",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "99485c4c026f",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/x86/coco/core.c",
            "arch/x86/include/asm/coco.h",
            "arch/x86/kernel/setup.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.85",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.26",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.8.*",
              "status": "unaffected",
              "version": "6.8.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.9",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/coco: Require seeding RNG with RDRAND on CoCo systems\n\nThere are few uses of CoCo that don\u0027t rely on working cryptography and\nhence a working RNG. Unfortunately, the CoCo threat model means that the\nVM host cannot be trusted and may actively work against guests to\nextract secrets or manipulate computation. Since a malicious host can\nmodify or observe nearly all inputs to guests, the only remaining source\nof entropy for CoCo guests is RDRAND.\n\nIf RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole\nis meant to gracefully continue on gathering entropy from other sources,\nbut since there aren\u0027t other sources on CoCo, this is catastrophic.\nThis is mostly a concern at boot time when initially seeding the RNG, as\nafter that the consequences of a broken RDRAND are much more\ntheoretical.\n\nSo, try at boot to seed the RNG using 256 bits of RDRAND output. If this\nfails, panic(). This will also trigger if the system is booted without\nRDRAND, as RDRAND is essential for a safe CoCo boot.\n\nAdd this deliberately to be \"just a CoCo x86 driver feature\" and not\npart of the RNG itself. Many device drivers and platforms have some\ndesire to contribute something to the RNG, and add_device_randomness()\nis specifically meant for this purpose.\n\nAny driver can call it with seed data of any quality, or even garbage\nquality, and it can only possibly make the quality of the RNG better or\nhave no effect, but can never make it worse.\n\nRather than trying to build something into the core of the RNG, consider\nthe particular CoCo issue just a CoCo issue, and therefore separate it\nall out into driver (well, arch/platform) code.\n\n  [ bp: Massage commit message. ]"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-05T09:24:17.350Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/22943e4fe4b3a2dcbadc3d38d5bf840bbdbfe374"
        },
        {
          "url": "https://git.kernel.org/stable/c/453b5f2dec276c1bb4ea078bf8c0da57ee4627e5"
        },
        {
          "url": "https://git.kernel.org/stable/c/08044b08b37528b82f70a87576c692b4e4b7716e"
        },
        {
          "url": "https://git.kernel.org/stable/c/99485c4c026f024e7cb82da84c7951dbe3deb584"
        }
      ],
      "title": "x86/coco: Require seeding RNG with RDRAND on CoCo systems",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-35875",
    "datePublished": "2024-05-19T08:34:32.767Z",
    "dateReserved": "2024-05-17T13:50:33.110Z",
    "dateUpdated": "2024-11-05T09:24:17.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-35875\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-19T09:15:08.833\",\"lastModified\":\"2024-05-20T13:00:04.957\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nx86/coco: Require seeding RNG with RDRAND on CoCo systems\\n\\nThere are few uses of CoCo that don\u0027t rely on working cryptography and\\nhence a working RNG. Unfortunately, the CoCo threat model means that the\\nVM host cannot be trusted and may actively work against guests to\\nextract secrets or manipulate computation. Since a malicious host can\\nmodify or observe nearly all inputs to guests, the only remaining source\\nof entropy for CoCo guests is RDRAND.\\n\\nIf RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole\\nis meant to gracefully continue on gathering entropy from other sources,\\nbut since there aren\u0027t other sources on CoCo, this is catastrophic.\\nThis is mostly a concern at boot time when initially seeding the RNG, as\\nafter that the consequences of a broken RDRAND are much more\\ntheoretical.\\n\\nSo, try at boot to seed the RNG using 256 bits of RDRAND output. If this\\nfails, panic(). This will also trigger if the system is booted without\\nRDRAND, as RDRAND is essential for a safe CoCo boot.\\n\\nAdd this deliberately to be \\\"just a CoCo x86 driver feature\\\" and not\\npart of the RNG itself. Many device drivers and platforms have some\\ndesire to contribute something to the RNG, and add_device_randomness()\\nis specifically meant for this purpose.\\n\\nAny driver can call it with seed data of any quality, or even garbage\\nquality, and it can only possibly make the quality of the RNG better or\\nhave no effect, but can never make it worse.\\n\\nRather than trying to build something into the core of the RNG, consider\\nthe particular CoCo issue just a CoCo issue, and therefore separate it\\nall out into driver (well, arch/platform) code.\\n\\n  [ bp: Massage commit message. ]\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: x86/coco: requiere inicializaci\u00f3n de RNG con RDRAND en sistemas CoCo. Hay pocos usos de CoCo que no dependan de una criptograf\u00eda funcional y, por lo tanto, de un RNG funcional. Desafortunadamente, el modelo de amenaza CoCo significa que no se puede confiar en el host de la VM y puede trabajar activamente contra los invitados para extraer secretos o manipular los c\u00e1lculos. Dado que un host malicioso puede modificar u observar casi todas las entradas de los invitados, la \u00fanica fuente de entrop\u00eda restante para los invitados CoCo es RDRAND. Si RDRAND se rompe (debido a una falla del hardware de la CPU), el RNG en su conjunto debe continuar recopilando entrop\u00eda de otras fuentes, pero como no hay otras fuentes en CoCo, esto es catastr\u00f3fico. Esto es principalmente una preocupaci\u00f3n en el momento del arranque cuando se siembra inicialmente el RNG, ya que despu\u00e9s de eso las consecuencias de un RDRAND roto son mucho m\u00e1s te\u00f3ricas. Entonces, intente en el arranque inicializar el RNG usando 256 bits de salida RDRAND. Si esto falla, entra en p\u00e1nico(). Esto tambi\u00e9n se activar\u00e1 si el sistema se inicia sin RDRAND, ya que RDRAND es esencial para un inicio CoCo seguro. Agregue esto deliberadamente para que sea \\\"solo una caracter\u00edstica del controlador CoCo x86\\\" y no parte del RNG en s\u00ed. Muchos controladores de dispositivos y plataformas desean contribuir con algo al RNG, y add_device_randomness() est\u00e1 dise\u00f1ado espec\u00edficamente para este prop\u00f3sito. Cualquier conductor puede llamarlo con datos semilla de cualquier calidad, o incluso calidad basura, y solo puede mejorar la calidad del RNG o no tener ning\u00fan efecto, pero nunca puede empeorarlo. En lugar de intentar construir algo en el n\u00facleo del RNG, considere el problema particular de CoCo solo como un problema de CoCo y, por lo tanto, sep\u00e1relo todo en c\u00f3digo de controlador (bueno, arco/plataforma).\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/08044b08b37528b82f70a87576c692b4e4b7716e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/22943e4fe4b3a2dcbadc3d38d5bf840bbdbfe374\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/453b5f2dec276c1bb4ea078bf8c0da57ee4627e5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/99485c4c026f024e7cb82da84c7951dbe3deb584\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.