| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall. For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n ------------[ cut here ]------------\n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n Call Trace:\n <TASK>\n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n __se_sys_ioctl+0x6b/0xc0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n </TASK>\n ---[ end trace 0000000000000000 ]---" |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "arch/x86/kvm/x86.c" |
| ], |
| "versions": [ |
| { |
| "version": "5969e2435cbd7f0ce8c28d717bfc39987ee8d8f1", |
| "lessThan": "0840d360a8909c722fb62459f42836afe32ededb", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "b5aead0064f33ae5e693a364e3204fe1c0ac9af2", |
| "lessThan": "7ed4db315094963de0678a8adfd43c46471b9349", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "b5aead0064f33ae5e693a364e3204fe1c0ac9af2", |
| "lessThan": "3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "b5aead0064f33ae5e693a364e3204fe1c0ac9af2", |
| "lessThan": "22b5c2acd65dbe949032f619d4758a35a82fffc3", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "b5aead0064f33ae5e693a364e3204fe1c0ac9af2", |
| "lessThan": "9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "arch/x86/kvm/x86.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.16", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "5.16", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.176", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.122", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.6.68", |
| "lessThanOrEqual": "6.6.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.12.7", |
| "lessThanOrEqual": "6.12.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.13", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15.5", |
| "versionEndExcluding": "5.15.176" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.16", |
| "versionEndExcluding": "6.1.122" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.16", |
| "versionEndExcluding": "6.6.68" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.16", |
| "versionEndExcluding": "6.12.7" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.16", |
| "versionEndExcluding": "6.13" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/0840d360a8909c722fb62459f42836afe32ededb" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/7ed4db315094963de0678a8adfd43c46471b9349" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/22b5c2acd65dbe949032f619d4758a35a82fffc3" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0" |
| } |
| ], |
| "title": "KVM: x86: Play nice with protected guests in complete_hypercall_exit()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2024-55881", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
