Message-ID: <24b6a7e2-5059-1c5c-aed1-1ea713d78bf3@redhat.com>
Date:   Tue, 8 Jun 2021 09:17:34 +0200
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Salvatore Bonaccorso <carnil@...ian.org>
Cc:     linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        stable@...r.kernel.org, Wanpeng Li <kernellwp@...il.com>
Subject: Re: [PATCH 1/2] KVM: SVM: avoid infinite loop on NPF from bad address

On 08/06/21 06:39, Salvatore Bonaccorso wrote:
> 
> Did this simply fall through the cracks here or is it not worth
> backporting to older series? At least
> https://bugzilla.redhat.com/show_bug.cgi?id=1947982#c3 seems to
> indicate it might not be worth it if there is risk for regression if I
> understand Wanpeng Li. Is this right?

It's not particularly interesting, because the loop can be broken with 
just Ctrl-C (or any signal for that matter) and the guest was 
misbehaving anyway.  You can read from that bugzilla link my opinion on 
this "vulnerability": if you run a VM for somebody and they want to 
waste your CPU time, they can just run a while(1) loop.

It's a bug and it is caught by the kvm-unit-tests, so I marked it for 
stable at the time because it can be useful to run kvm-unit-tests on 
stable kernels and hanging is a bit impolite (the test harness has a 
timeout, but of course tests that hang have the risk of missing other 
regressions).

I will gladly review a backport, but if it is just because of that CVE 
report, documenting that the vulnerability is bogus would be time spent 
better than doing and testing the backport.

Paolo
