In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: Handle SRCU initialization failure during page track init
Check the return of init_srcu_struct(), which can fail due to OOM, when
initializing the page track mechanism. Lack of checking leads to a NULL
pointer deref found by a modified syzkaller.
[Move the call towards the beginning of kvm_arch_init_vm. - Paolo]
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/x86/include/asm/kvm_page_track.h",
"arch/x86/kvm/mmu/page_track.c",
"arch/x86/kvm/x86.c"
],
"versions": [
{
"version": "1da177e4c3f4",
"lessThan": "deb294941767",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "4664318f73e4",
"status": "affected",
"versionType": "git"
},
{
"version": "1da177e4c3f4",
"lessThan": "eb7511bf9182",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/x86/include/asm/kvm_page_track.h",
"arch/x86/kvm/mmu/page_track.c",
"arch/x86/kvm/x86.c"
],
"versions": [
{
"version": "5.10.71",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.14.10",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]