ACK: [SRU Bionic 0/1] CVE-2021-38198
Stefan Bader
stefan.bader at canonical.com
Thu Sep 23 07:21:18 UTC 2021
On 22.09.21 20:47, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> It was discovered that the KVM hypervisor implementation in the Linux
> kernel did not properly compute the access permissions for shadow pages in
> some situations. A local attacker could use this to cause a denial of
> service.
>
> [Backport]
> I picked up the backport that was done for 4.19.y, as there was a small
> conflict in one of the hunks and a file rename.
>
> [Test case]
> kvm-unit-tests access test will check for this bug. It fails before the
> fix and passes after the fix.
>
> [Potential regression]
> KVM guest page faults could be erronously handled, causing issues on
> KVM guests.
>
> Lai Jiangshan (1):
> KVM: X86: MMU: Use the correct inherited permissions to get shadow
> page
>
> Documentation/virtual/kvm/mmu.txt | 4 ++--
> arch/x86/kvm/paging_tmpl.h | 14 +++++++++-----
> 2 files changed, 11 insertions(+), 7 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20210923/e79d4a0a/attachment.sig>
More information about the kernel-team
mailing list