CVE ID | CVE-2017-1000252 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu) |
Other ID(s) |
Affected Package(s) | linux |
Deficiency Type | SECURITY |
Date Created | 2017-09-22 10:57:55 |
Date Last Modified | 2017-10-05 09:21:33 |
Cucumber 1.0 i686 | fixed in linux-4.9.53-i686-1 |
Cucumber 1.0 x86_64 | fixed in linux-4.9.53-x86_64-1 |
Cucumber 1.1 i686 | fixed in linux-4.9.53-i686-1 |
Cucumber 1.1 x86_64 | fixed in linux-4.9.53-x86_64-1 |
We have discovered a user triggerable BUG() when using KVM with posted interrupts on Intel systems. This requires an unprivileged user to have access to the KVM device. Certain values in a KVM_IRQFD API call can trigger a BUG_ON() at a later point in vmx_update_pi_irte(). KVM as a whole seems to hang after that.

The issue was introduced with Linux 4.4, patches have been posted to the KVM mailing list:

- https://marc.info/?l=kvm&m=150549145711115&w=2
- https://marc.info/?l=kvm&m=150549146311117&w=2

(From http://seclists.org/oss-sec/2017/q3/465)

This has been fixed in the mainline kernel by commit 3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb. As of Fri Sep 22 11:20:08 EDT 2017, this patch has yet to be applied to the 4.9 stable kernel tree.