[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <2024102152-stinky-tiger-4e51@gregkh>
Date: Mon, 21 Oct 2024 14:58:14 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Juergen Gross <jgross@...e.com>
Cc: cve@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: CVE-2024-47722: xen: use correct end address of kernel for
conflict checking
On Mon, Oct 21, 2024 at 02:35:16PM +0200, Juergen Gross wrote:
> On 21.10.24 14:16, Greg Kroah-Hartman wrote:
> > Description
> > ===========
> >
> > In the Linux kernel, the following vulnerability has been resolved:
> >
> > xen: use correct end address of kernel for conflict checking
> >
> > When running as a Xen PV dom0 the kernel is loaded by the hypervisor
> > using a different memory map than that of the host. In order to
> > minimize the required changes in the kernel, the kernel adapts its
> > memory map to that of the host. In order to do that it is checking
> > for conflicts of its load address with the host memory map.
> >
> > Unfortunately the tested memory range does not include the .brk
> > area, which might result in crashes or memory corruption when this
> > area does conflict with the memory map of the host.
> >
> > Fix the test by using the _end label instead of __bss_stop.
> >
> > The Linux kernel CVE team has assigned CVE-2024-47722 to this issue.
>
> I fail to see how an unprivileged user could cause any harm here.
>
> This bug is affecting the guest only, so only the guest admin can cause
> harm to the guest at will via a special kernel. IMHO nothing CVE-worthy
> here.
Ah, I thought this could affect the host, sorry about that.
> So I'd like to ask for this CVE being revoked.
Now revoked!
thanks for the review.
greg k-h
Powered by blists - more mailing lists