android_kernel_zuk_msm8996.git

diff options

author	Maxim Levitsky <mlevitsk@redhat.com>	2021-08-16 16:02:31 +0200
committer	Sasha Levin <sashal@kernel.org>	2021-08-26 08:37:48 -0400
commit	53723b7be26ef31ad642ce5ffa8b42dec16db40e (patch)
tree	f02e345797b7ac571d2b1ae153cffeb52cfeb934 /drivers/misc/ibmasm/command.c
parent	f1c2379db980d52f181d30321b2eb395e3a91858 (diff)

KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)

[ upstream commit 0f923e07124df069ba68d8bb12324398f4b6b709 ] * Invert the mask of bits that we pick from L2 in nested_vmcb02_prepare_control * Invert and explicitly use VIRQ related bits bitmask in svm_clear_vintr This fixes a security issue that allowed a malicious L1 to run L2 with AVIC enabled, which allowed the L2 to exploit the uninitialized and enabled AVIC to read/write the host physical memory at some offsets. Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler") Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'drivers/misc/ibmasm/command.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: