APPLIED: [PATCH 0/1][SRU][X] CVE-2019-3882 - VFIO IOMMU DoS
Khaled Elmously
khalid.elmously at canonical.com
Tue Apr 23 06:33:41 UTC 2019
On 2019-04-18 07:28:10 , Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2019-3882
>
> A flaw was found in the Linux kernel's vfio interface implementation that
> permits violation of the user's locked memory limit. If a device is bound to a
> vfio driver, such as vfio-pci, and the local attacker is administratively
> granted ownership of the device, it may cause a system memory exhaustion and
> thus a denial of service (DoS).
>
> Minor backporting effort. Build logs are clean. I didn't have a good way to
> test this change but was able to smoke test it by loading the vfio_iommu_type1
> module with and without a dma_entry_limit module parameter specified.
>
> Tyler
>
> Alex Williamson (1):
> vfio/type1: Limit DMA mappings per container
>
> drivers/vfio/vfio_iommu_type1.c | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
> --
> 2.7.4
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list