{
  "threat_severity" : "Moderate",
  "public_date" : "2024-05-19T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems",
    "id" : "2281727",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2281727"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nx86/coco: Require seeding RNG with RDRAND on CoCo systems\nThere are few uses of CoCo that don't rely on working cryptography and\nhence a working RNG. Unfortunately, the CoCo threat model means that the\nVM host cannot be trusted and may actively work against guests to\nextract secrets or manipulate computation. Since a malicious host can\nmodify or observe nearly all inputs to guests, the only remaining source\nof entropy for CoCo guests is RDRAND.\nIf RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole\nis meant to gracefully continue on gathering entropy from other sources,\nbut since there aren't other sources on CoCo, this is catastrophic.\nThis is mostly a concern at boot time when initially seeding the RNG, as\nafter that the consequences of a broken RDRAND are much more\ntheoretical.\nSo, try at boot to seed the RNG using 256 bits of RDRAND output. If this\nfails, panic(). This will also trigger if the system is booted without\nRDRAND, as RDRAND is essential for a safe CoCo boot.\nAdd this deliberately to be \"just a CoCo x86 driver feature\" and not\npart of the RNG itself. Many device drivers and platforms have some\ndesire to contribute something to the RNG, and add_device_randomness()\nis specifically meant for this purpose.\nAny driver can call it with seed data of any quality, or even garbage\nquality, and it can only possibly make the quality of the RNG better or\nhave no effect, but can never make it worse.\nRather than trying to build something into the core of the RNG, consider\nthe particular CoCo issue just a CoCo issue, and therefore separate it\nall out into driver (well, arch/platform) code.\n[ bp: Massage commit message. ]", "CVE-2024-35875 addresses a security concern in the Linux kernel's handling of confidential computing (CoCo) environments. In these setups, the virtual machine (VM) host is untrusted and may attempt to compromise guest VMs. A critical component for maintaining security in such environments is a reliable random number generator (RNG), which depends on the CPU's RDRAND instruction to generate entropy.\nThe vulnerability arises when the RDRAND instruction fails—due to hardware faults or other issues—leaving the RNG without sufficient entropy sources. This deficiency is particularly problematic during the system's initial boot phase, potentially compromising cryptographic operations and overall system security.\nIn CoCo environments, the untrusted VM host can manipulate or observe most inputs to guest VMs. The primary entropy source for these guests is the CPU's RDRAND instruction. If RDRAND fails, the RNG lacks alternative entropy sources, leading to potential security vulnerabilities.\nA malfunctioning RDRAND during boot can result in insufficient entropy for cryptographic functions, undermining the security of the CoCo environment." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-09-11T00:00:00Z",
    "advisory" : "RHSA-2024:6567",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.35.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-09-11T00:00:00Z",
    "advisory" : "RHSA-2024:6567",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-427.35.1.el9_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-09-04T00:00:00Z",
    "advisory" : "RHSA-2024:6267",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2",
    "package" : "kernel-0:5.14.0-284.82.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support",
    "release_date" : "2024-09-04T00:00:00Z",
    "advisory" : "RHSA-2024:6268",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv",
    "package" : "kernel-rt-0:5.14.0-284.82.1.rt14.367.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-35875\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35875\nhttps://lore.kernel.org/linux-cve-announce/2024051942-CVE-2024-35875-e23d@gregkh/T" ],
  "name" : "CVE-2024-35875",
  "csaw" : false
}