CVE-2024-35791: In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in
Summary
A use-after-free (UAF) vulnerability, a bug where code accesses memory that has already been freed, was found in the svm_register_enc_region() function of the Linux kernel's KVM SVM module (KVM is the kernel's virtual machine software; SVM is a CPU virtualization technology). The cache flush was performed after kvm->lock had been released, so another task could free the region data before the flush completed.
Solution / Mitigation
Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock (release the lock only after the flush is complete, not before). This ensures the region and its page array cannot be freed by another task while the flush is still in progress.
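The ordering described above, as an added example that is not the kernel's code: a single-threaded user-space model in which racing_unregister() stands in for a concurrent task that frees the region whenever the lock is not held. All struct, field and function names here are hypothetical, and freeing is modelled with a flag so the stale access can be detected safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified user-space model; every name below is hypothetical. */
struct enc_region { bool live; int npages; };
struct vm { bool locked; struct enc_region *region; };

/* Stands in for a concurrent unregister. It needs the VM lock, so it can
 * only tear the region down while the lock is not held. */
static void racing_unregister(struct vm *vm)
{
    if (vm->locked || !vm->region)
        return;                   /* a real task would block on the lock */
    vm->region->live = false;     /* models the free; storage kept for detection */
    vm->region = NULL;
}

/* Returns the number of pages flushed, or -1 if the region was already freed. */
static int flush_region(const struct enc_region *r)
{
    return r->live ? r->npages : -1;
}

/* Registers a region and flushes it; the racing task is given a chance to
 * run at each point where another task could be scheduled. */
int register_region(struct vm *vm, struct enc_region *r, bool flush_under_lock)
{
    int flushed = 0;
    vm->locked = true;
    r->live = true;
    vm->region = r;               /* region is now visible to other tasks */
    if (flush_under_lock) {
        racing_unregister(vm);    /* blocked: lock is still held */
        flushed = flush_region(r);
    }
    vm->locked = false;
    racing_unregister(vm);        /* lock dropped: teardown proceeds */
    if (!flush_under_lock)
        flushed = flush_region(r); /* stale pointer: region already gone */
    return flushed;
}

int main(void)
{
    struct vm vm = { false, NULL };
    struct enc_region a = { false, 4 }, b = { false, 4 };
    printf("flush after unlock: %d\n", register_region(&vm, &a, false));
    printf("flush under lock:   %d\n", register_region(&vm, &b, true));
    return 0;
}
```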
Vulnerability Details
7.8 (high)
EPSS: 0.0%
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-35791
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 95%