Message ID | 20240926151331.54544-1-massimiliano.pellizzer@canonical.com |
---|---|
Series | CVE-2024-36953 |
Acked-by: Mehmet Basaran <mehmet.basaran@canonical.com>

Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com> writes:

> [Impact]
>
> KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
>
> vgic_v2_parse_attr() is responsible for finding the vCPU that matches
> the user-provided CPUID, which (of course) may not be valid. If the ID
> is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled
> gracefully.
>
> Check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.
>
>
> [Fix]
>
> Noble: Fixed
> Jammy: Fixed
> Focal: Backported from linux-5.10.y
> Bionic: Sent to ESM ML
> Xenial: Not affected
>
> [Test Case]
>
> Compile tested only.
>
> [Where problems could occur]
>
> The fix affects ARM KVM VGICv2 implementation. An issue with this fix
> may lead to kernel crashes during the configuration of virtual CPUs.
> Users may also experience failed attempts to start and run properly
> virtual machines.
>
> Oliver Upton (1):
>   KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
>
>  virt/kvm/arm/vgic/vgic-kvm-device.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com> writes:

> [Impact]
>
> KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
>
> vgic_v2_parse_attr() is responsible for finding the vCPU that matches
> the user-provided CPUID, which (of course) may not be valid. If the ID
> is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled
> gracefully.
>
> Check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.
>
>
> [Fix]
>
> Noble: Fixed
> Jammy: Fixed
> Focal: Backported from linux-5.10.y
> Bionic: Sent to ESM ML
> Xenial: Not affected
>
> [Test Case]
>
> Compile tested only.
>
> [Where problems could occur]
>
> The fix affects ARM KVM VGICv2 implementation. An issue with this fix
> may lead to kernel crashes during the configuration of virtual CPUs.
> Users may also experience failed attempts to start and run properly
> virtual machines.
>
> Oliver Upton (1):
>   KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
>
>  virt/kvm/arm/vgic/vgic-kvm-device.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>

Acked-by: Chris Chiu <chris.chiu@canonical.com>

On 26/09/2024 17:13, Massimiliano Pellizzer wrote:

> [Impact]
>
> KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
>
> vgic_v2_parse_attr() is responsible for finding the vCPU that matches
> the user-provided CPUID, which (of course) may not be valid. If the ID
> is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled
> gracefully.
>
> Check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.
>
>
> [Fix]
>
> Noble: Fixed
> Jammy: Fixed
> Focal: Backported from linux-5.10.y
> Bionic: Sent to ESM ML
> Xenial: Not affected
>
> [Test Case]
>
> Compile tested only.
>
> [Where problems could occur]
>
> The fix affects ARM KVM VGICv2 implementation. An issue with this fix
> may lead to kernel crashes during the configuration of virtual CPUs.
> Users may also experience failed attempts to start and run properly
> virtual machines.
>
> Oliver Upton (1):
>   KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()
>
>  virt/kvm/arm/vgic/vgic-kvm-device.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>

Applied to focal:linux master-next branch. Thanks!
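
The pattern discussed in this thread (a lookup that returns NULL for an invalid caller-supplied CPUID, and a parser that has to fail the request rather than hand NULL to its caller), shown as an added user-space C model that is not code from the patch or the kernel. All `model_*` names, the sample vCPU table and the attribute bit layout are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* User-space model: every name and the attr bit layout here is an assumption. */
#define MODEL_CPUID_SHIFT 32
#define MODEL_CPUID_MASK  (0xffULL << MODEL_CPUID_SHIFT)
#define MODEL_OFFSET_MASK 0xffffffffULL

struct model_vcpu { int id; uint32_t regs[2]; };
struct model_reg_attr { struct model_vcpu *vcpu; uint32_t addr; };

/* Constructed sample VM: vCPU IDs are sparse, so 2, 3 and 5+ are invalid. */
static struct model_vcpu model_vcpus[] = {
    { 0, { 0x10, 0x11 } }, { 1, { 0x20, 0x21 } }, { 4, { 0x40, 0x41 } },
};

/* Same contract the thread describes for the lookup: NULL for an unknown ID. */
static struct model_vcpu *model_get_vcpu_by_id(int id)
{
    for (size_t i = 0; i < sizeof(model_vcpus) / sizeof(model_vcpus[0]); i++)
        if (model_vcpus[i].id == id)
            return &model_vcpus[i];
    return NULL;
}

/* Split the caller-supplied attr into vCPU and offset; fail on a NULL lookup. */
static int model_parse_attr(uint64_t attr, struct model_reg_attr *out)
{
    int cpuid = (int)((attr & MODEL_CPUID_MASK) >> MODEL_CPUID_SHIFT);
    out->vcpu = model_get_vcpu_by_id(cpuid);
    out->addr = (uint32_t)(attr & MODEL_OFFSET_MASK);
    return out->vcpu ? 0 : -EINVAL; /* without this, callers get vcpu == NULL */
}

/* Caller: returns the register value, or a negative errno. It dereferences
 * ra.vcpu only after the parser has reported success. */
static long model_read_reg(int cpuid, uint32_t offset)
{
    struct model_reg_attr ra;
    uint64_t attr = ((uint64_t)cpuid << MODEL_CPUID_SHIFT) | offset;
    int ret = model_parse_attr(attr, &ra);
    if (ret)
        return ret;
    if (ra.addr % 4 || ra.addr / 4 >= 2)
        return -ENXIO;
    return (long)ra.vcpu->regs[ra.addr / 4];
}

int main(void) { return model_read_reg(7, 4) == -EINVAL ? 0 : 1; }
```

In this model the request for the unknown ID 7 ends with an error return at the parser, so the caller never reaches the `ra.vcpu->regs` dereference.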