Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 2 Oct 2017 14:06:44 +0200
From: Greg KH <>
Subject: Re: CVE-2017-1000252: KVM denial of service with
 posted interrupts on Intel systems (since Linux 4.4)

On Fri, Sep 15, 2017 at 06:36:59PM +0200, Jan H. Schönherr wrote:
> Hi.
> We have discovered a user triggerable BUG() when using KVM with posted interrupts on Intel
> systems. This requires an unprivileged user to have access to the KVM device.
> Certain values in a KVM_IRQFD API call can trigger a BUG_ON() at a later point in
> vmx_update_pi_irte(). KVM as a whole seems to hang after that.
> The issue was introduced with Linux 4.4, patches have been posted to the KVM
> mailing list:
> -
> -

Note, for those intersted in this, the second patch was reverted and
doesn't seem to be needed.


greg k-h

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ