[SRU][F][PATCH 0/1] CVE-2024-36953

Massimiliano Pellizzer massimiliano.pellizzer at canonical.com
Thu Sep 26 15:13:08 UTC 2024


[Impact]

KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

vgic_v2_parse_attr() is responsible for finding the vCPU that matches
the user-provided CPUID, which (of course) may not be valid. If the ID
is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled
gracefully.

Check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.


[Fix]

Noble: Fixed
Jammy: Fixed
Focal: Backported from linux-5.10.y
Bionic: Sent to ESM ML
Xenial: Not affected

[Test Case]

Compile tested only.

[Where problems could occur]

The fix affects the ARM KVM VGICv2 implementation. An issue with this fix
may lead to kernel crashes during the configuration of virtual CPUs.
Users may also experience failed attempts to properly start and run
virtual machines.

Oliver Upton (1):
  KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()

 virt/kvm/arm/vgic/vgic-kvm-device.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

-- 
2.43.0
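
Added example, not part of the original message or of the kernel patch: a user-space C model of the check described under [Impact], where a caller-supplied CPUID that matches no vCPU must fail the request before anything dereferences the lookup result. The attribute layout (CPUID in bits 32-39, register offset in the low 32 bits), all names, the errno values and the sample VM are assumptions of this model.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model; field layout, names and errno values are assumptions. */
#define CPUID_SHIFT 32
#define CPUID_MASK  (0xffULL << CPUID_SHIFT)
#define OFFSET_MASK 0xffffffffULL
#define NREGS 4

struct vcpu { int id; uint32_t regs[NREGS]; };
struct reg_attr { struct vcpu *vcpu; uint32_t addr; };
/* Constructed sample VM: vCPU IDs 0 and 4 exist, so IDs 1-3 match nothing. */
static struct vcpu vcpus[] = { { 0, { 1, 2, 3, 4 } }, { 4, { 5, 6, 7, 8 } } };

/* Same contract as the lookup described above: NULL when no vCPU has this ID. */
static struct vcpu *get_vcpu_by_id(int id)
{
    for (size_t i = 0; i < sizeof(vcpus) / sizeof(vcpus[0]); i++)
        if (vcpus[i].id == id)
            return &vcpus[i];
    return NULL;
}

/* Decode the caller-supplied attribute and fail if the ID matches no vCPU. */
static int parse_attr(uint64_t attr, struct reg_attr *out)
{
    out->vcpu = get_vcpu_by_id((int)((attr & CPUID_MASK) >> CPUID_SHIFT));
    out->addr = (uint32_t)(attr & OFFSET_MASK);
    return out->vcpu ? 0 : -ENXIO;
}

/* Caller: dereferences ra.vcpu only after parse_attr() returned 0. */
static long demo_read(unsigned cpuid, uint32_t offset)
{
    struct reg_attr ra;
    int ret = parse_attr(((uint64_t)cpuid << CPUID_SHIFT) | offset, &ra);
    if (ret)
        return ret;
    if (ra.addr / 4 >= NREGS)
        return -EINVAL;
    return ra.vcpu->regs[ra.addr / 4];
}

int main(void)
{
    printf("cpuid 4: %ld, cpuid 1: %ld\n", demo_read(4, 8), demo_read(1, 8));
    return 0;
}
```

Without the final check in parse_attr(), the request for CPUID 1 would reach the register read with a NULL vcpu pointer.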
