APPLIED: [PATCH 0/1][SRU][B/C] CVE-2018-16882 - Nested KVM DoS
Kleber Souza
kleber.souza at canonical.com
Thu Jan 10 15:10:02 UTC 2019
On 1/9/19 11:48 PM, Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-16882.html
>
> A use after free issue was found in the way Linux kernel's KVM hypervisor
> processed posted interrupts, when nested(=1) virtualization is enabled. In
> nested_get_vmcs12_pages(), in case of an error while processing posted
> interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc'
> descriptor address. Which is later used in pi_test_and_clear_on(). A guest
> user/process could use this flaw to crash the host kernel resulting in DoS.
>
> This is a clean cherry pick to Bionic and Cosmic. Disco already has the patch
> applied. I've smoke tested this patch by booting nested KVM instances using,
> both, the Bionic and Cosmic kernels.
>
> Tyler
>
>
Applied to bionic/master-next and cosmic/master-next branches.
Thanks,
Kleber
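
The failure mode in the quoted CVE description, reduced to a user-space C model. This is an added example, not the kernel's code or the applied patch. The `model_*` names, `enum access` and `run_scenario` are hypothetical; only the field names `pi_desc_page` and `pi_desc` come from the description.

```c
#include <stdbool.h>
#include <stdio.h>
/* User-space model only; every type and function here is constructed. */
struct model_page { bool mapped; unsigned char data[64]; };
struct model_nested {
    struct model_page *pi_desc_page; /* backing page, NULL once unmapped */
    unsigned char *pi_desc;          /* descriptor address inside that page */
};
enum access { ACCESS_SKIPPED, ACCESS_VALID, ACCESS_STALE };
/* Setup path: drop any old mapping, then map new_page.
 * new_page == NULL stands for the error while processing the address. */
static int model_get_pages(struct model_nested *n, struct model_page *new_page, bool reset_desc)
{
    if (n->pi_desc_page) {
        n->pi_desc_page->mapped = false; /* unmap the old page */
        n->pi_desc_page = NULL;
        if (reset_desc)
            n->pi_desc = NULL;           /* the reset the description says is missing */
    }
    if (!new_page)
        return -1;                       /* error path returns early */
    new_page->mapped = true;
    n->pi_desc_page = new_page;
    n->pi_desc = new_page->data;
    return 0;
}

/* Later user that guards only on pi_desc being non-NULL. */
static enum access model_use_desc(const struct model_nested *n)
{
    if (!n->pi_desc)
        return ACCESS_SKIPPED;
    return n->pi_desc_page ? ACCESS_VALID : ACCESS_STALE;
}

/* First setup succeeds, the second one hits the error path. */
static enum access run_scenario(bool reset_desc)
{
    struct model_page page = { false, {0} };
    struct model_nested n = { NULL, NULL };
    model_get_pages(&n, &page, reset_desc);
    model_get_pages(&n, NULL, reset_desc);
    return model_use_desc(&n);
}

int main(void)
{
    printf("no reset: %d, reset: %d\n", run_scenario(false), run_scenario(true));
    return 0;
}
```

Without the reset the later user sees a non-NULL `pi_desc` whose page is gone (`ACCESS_STALE`); with it the user skips the access.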