armbian/linux
0
0
Fork 0
mirror of https://github.com/armbian/linux.git synced 2026-01-06 10:13:00 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
404ced25b4212bcaaa2de3be6861433587717bbf
linux/virt/kvm
History
Andy Honig f4d838225e KVM: Improve create VCPU parameter (CVE-2013-4587) 
commit 338c7dbadd upstream.

In multiple functions the vcpu_id is used as an offset into a bitfield.  Ag
malicious user could specify a vcpu_id greater than 255 in order to set or
clear bits in kernel memory.  This could be used to elevate priveges in the
kernel.  This patch verifies that the vcpu_id provided is less than 255.
The api documentation already specifies that the vcpu_id must be less than
max_vcpus, but this is currently not checked.

Reported-by: Andrew Honig <ahonig@google.com>
Signed-off-by: Andrew Honig <ahonig@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-12-20 07:45:07 -08:00
..
assigned-dev.c
KVM: Move irq routing to generic code
2013-04-26 20:27:17 +02:00
async_pf.c
KVM: do not release the error page
2012-08-06 16:04:58 +03:00
async_pf.h
coalesced_mmio.c
KVM: make checks stricter in coalesced_mmio_in_range()
2011-12-27 11:17:07 +02:00
coalesced_mmio.h
KVM: Make coalesced mmio use a device per zone
2011-09-25 19:17:57 +03:00
eventfd.c
KVM: Introduce CONFIG_HAVE_KVM_IRQ_ROUTING
2013-04-26 20:27:14 +02:00
ioapic.c
KVM: Set TMR when programming ioapic entry
2013-04-16 16:32:40 -03:00
ioapic.h
KVM: Set TMR when programming ioapic entry
2013-04-16 16:32:40 -03:00
iodev.h
iommu.c
KVM: IOMMU: hva align mapping page size
2013-11-29 11:11:50 -08:00
irq_comm.c
KVM: Move irq routing setup to irqchip.c
2013-04-26 20:27:18 +02:00
irqchip.c
KVM: Move irq routing setup to irqchip.c
2013-04-26 20:27:18 +02:00
Kconfig
KVM: Introduce CONFIG_HAVE_KVM_IRQ_ROUTING
2013-04-26 20:27:14 +02:00
kvm_main.c
KVM: Improve create VCPU parameter (CVE-2013-4587)
2013-12-20 07:45:07 -08:00