Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

A issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM – Use kzalloc for SEV ioctl interfaces to prevent kernel data leaks. For some SEV ioctl interfaces, the length parameter passed may be less than or equal to SEVFWBLOBMAXSIZE, but larger than the data returned by the PSP...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency. This frequency deviates slightly typically 0.2% from the actual mean T...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Mapping EFI-reserved memory as encrypted for SEV Some drivers require memory that is marked as EFI boot services data. To prevent this memory from being reused by the kernel after ExitBootServices, efimemreserve is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMSAVE/VMLOAD emulation. The commit cc3ed80ae69f states that “KVM: nSVM: always use vmcb01 for vmsave/vmload of guest state”. This commit ensured that KVM always used vmcb01 for the fields controll...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Removed a user-triggered WARN message in nestedsvmloadcr3. The WARN message in svmsetnestedstate in nestedsvmloadcr3 was removed. This is because it is trivially easy for userspace to trigger this message by modifying...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: A WARN message is generated on vNMI when an NMI is requested, provided that the NMIs are effectively masked. This occurs only if the vCPU is already handling an NMI. KVM’s approach for handling simultaneous NMIs is to...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: serial: amba-pl011: avoid SBSA UART accessing the DMACR register The chapter “B Generic UART” in “ARM Server Base System Architecture” 1 describes a generic UART interface. Such a generic UART does not support DMA. In current cod...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM – Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1’s MSRAMD64TSCRATIO has diverged from KVM’s...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM – Fix for a panic occurring on an out-of-bounds guest IRQ. Since the guestIRQ comes from the KVMIRQFD API call, it may trigger a crash in svmupdatepiirte, due to an out-of-bounds access. Crash output: pid: 22218 task:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory Ignore nCR34:0 when loading PDPTEs from memory for nested SVMs. When PAE paging is used, the bits 4:0 of the CR3 register are ignored, and thus VMRUN does not enforce a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Rejects attempts to synchronize VMSA of a vCPU that has already been launched/encrypted. Synchronize the vCPU state with its associated VMSA if the vCPU has already been launched, that is, if the VMSA has already been...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: s390 – Fixed an issue with validity checks when gisa is disabled. This issue occurs when gisa is disabled either by using the kernel parameter “kvm.usegisa=0” or by setting the related sysfs attribute to N echo N...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86/pmu: Disabled support for adaptive PEBS. Disabling support for virtualizing adaptive PEBS is necessary because KVM’s implementation is architecturally broken without an obvious/easy way to address this issue...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Moved the unregistration of NPIV’s transport to after resource cleanup. There are cases after NPIV is deleted where the fabric switch still believes that NPIV is registered in the fabric. This occurs when a vport i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active. Exiting to userspace will generate a spurious userspace exit, usually...

Astra Linux - уязвимость в linux

A issue was discovered in Linux: improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and cause pages to be freed while still accessible by the VMM and guest. This allows users who have the ability to start and control a VM to read/write random pages of memory, potentially leading ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: smm: the number of GPRs in the SMRAM image depends on the image format. On 64-bit hosts, if the guest does not have X86FEATURELM, KVM will access 16 GPRs for a 32-bit SMMR image, resulting in an out-of-bound RAM access...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory during the launch of a SEV virtual machine. The warning message looks like this: 464.325306 WARNING: CPU: 13 PID: 6734 at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: nSVM: fixed a potential NULL dereference during nested migration. It turns out that due to feedback from reviews and/or changes in relocation locations, I accidentally moved the call to nestedsvmloadcr3 too early, befor...