|CVE ID||CVE-2017-1000252 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)|
|Date Created||2017-09-22 10:57:55|
|Date Last Modified||2017-10-05 09:21:33|
|Cucumber 1.0 i686||fixed in linux-4.9.53-i686-1|
|Cucumber 1.0 x86_64||fixed in linux-4.9.53-x86_64-1|
|Cucumber 1.1 i686||fixed in linux-4.9.53-i686-1|
|Cucumber 1.1 x86_64||fixed in linux-4.9.53-x86_64-1|
We have discovered a user triggerable BUG() when using KVM with posted interrupts on Intel systems. This requires an unprivileged user to have access to the KVM device.

Certain values in a KVM_IRQFD API call can trigger a BUG_ON() at a later point in vmx_update_pi_irte(). KVM as a whole seems to hang after that.

The issue was introduced with Linux 4.4, patches have been posted to the KVM mailing list:

- https://marc.info/?l=kvm&m=150549145711115&w=2
- https://marc.info/?l=kvm&m=150549146311117&w=2

(From http://seclists.org/oss-sec/2017/q3/465)

This has been fixed in the mainline kernel by commit 3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb. As of Fri Sep 22 11:20:08 EDT 2017, this patch has yet to be applied to the 4.9 stable kernel tree.
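
A triage check for this entry, as an added example that is not part of the advisory or the tracker: it classifies a kernel release against the versions stated above (introduced with Linux 4.4, fixed package linux-4.9.53) and reports whether the KVM device is open to every local user. The function names, the check-vendor label and the /dev/kvm path (the usual location of the KVM device) are assumptions.

```shell
#!/bin/sh
# Added triage example, not from the advisory. Thresholds come from this page:
# introduced with Linux 4.4; the tracker lists linux-4.9.53 as the fixed package.

# ver_lt A B: succeed when dotted version A sorts strictly before B (numeric compare).
ver_lt() {
    a=$(printf '%s\n' "$1" | sed 's/[^0-9.].*$//')   # drop "-x86_64-1", "+", "-rc1"
    b=$(printf '%s\n' "$2" | sed 's/[^0-9.].*$//')
    old_ifs=$IFS; IFS=.
    set -- $a; a1=${1:-0}; a2=${2:-0}; a3=${3:-0}
    set -- $b; b1=${1:-0}; b2=${2:-0}; b3=${3:-0}
    IFS=$old_ifs
    [ "$a1" -lt "$b1" ] && return 0
    [ "$a1" -gt "$b1" ] && return 1
    [ "$a2" -lt "$b2" ] && return 0
    [ "$a2" -gt "$b2" ] && return 1
    [ "$a3" -lt "$b3" ]
}

# kernel_status RELEASE: classify a release using only the facts on this page.
kernel_status() {
    if ver_lt "$1" 4.4; then echo not-affected        # predates the regression
    elif ver_lt "$1" 4.9; then echo check-vendor      # 4.4 to 4.8: no fixed version listed here
    elif ver_lt "$1" 4.10; then                       # 4.9 series: tracker gives 4.9.53
        if ver_lt "$1" 4.9.53; then echo vulnerable; else echo fixed; fi
    else echo check-vendor                            # later series: look for the mainline commit
    fi
}

# kvm_open_to_others MODE: succeed when the octal mode grants read+write to "other",
# meaning any unprivileged local account can open the KVM device.
kvm_open_to_others() { [ $(( 0$1 & 6 )) -eq 6 ]; }

rel=$(uname -r)
echo "kernel $rel: $(kernel_status "$rel")"
if [ -e /dev/kvm ]; then
    mode=$(stat -c %a /dev/kvm)
    if kvm_open_to_others "$mode"; then echo "/dev/kvm mode $mode: open to every local user"
    else echo "/dev/kvm mode $mode: restricted, review owner and group membership"; fi
else
    echo "/dev/kvm absent: KVM device not exposed on this host"
fi
```

A result of check-vendor means this page gives no fixed version for that kernel series, so the distribution's own advisory has to be consulted.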