| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024071249-CVE-2024-40989-c8da@gregkh> Date: Fri, 12 Jul 2024 14:37:53 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown Description =========== In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown When tearing down a redistributor region, make sure we don't have any dangling pointer to that region stored in a vcpu. The Linux kernel CVE team has assigned CVE-2024-40989 to this issue. Affected and fixed versions =========================== Issue introduced in 5.13 with commit e5a35635464b and fixed in 6.1.96 with commit 68df4fc449fc Issue introduced in 5.13 with commit e5a35635464b and fixed in 6.6.36 with commit 48bb62859d47 Issue introduced in 5.13 with commit e5a35635464b and fixed in 6.9.7 with commit 152b4123f21e Issue introduced in 5.13 with commit e5a35635464b and fixed in 6.10-rc5 with commit 0d92e4a7ffd5 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-40989 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: arch/arm64/kvm/vgic/vgic-init.c arch/arm64/kvm/vgic/vgic-mmio-v3.c arch/arm64/kvm/vgic/vgic.h Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/68df4fc449fcc24347209e500ce26d5816705a77 https://git.kernel.org/stable/c/48bb62859d47c5c4197a8c01128d0fa4f46ee58c https://git.kernel.org/stable/c/152b4123f21e6aff31cea01158176ad96a999c76 https://git.kernel.org/stable/c/0d92e4a7ffd5c42b9fa864692f82476c0bf8bcc8
Powered by blists - more mailing lists