145 matches found
kernel: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in the periodic tick code...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing illegal access to the APIC register...
SUSE CVE-2024-26823
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their GIC...
SUSE CVE-2021-46997
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry Zenghui reports that booting a kernel with "irqchip.gicv3_pseudo_nmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not setting GIC_PRIO_PSR_I_SET in an exception entry sequence...
kernel: Linux kernel: Denial of Service due to GIC state corruption on NVIDIA T241 platforms
A flaw was found in the Linux kernel. On NVIDIA server platforms utilizing multiple interconnected T241 chips, a local user could trigger a vulnerability in the Generic Interrupt Controller (GIC) due to incorrect handling of inter-socket data packets. This can corrupt the GIC's internal state,...
kernel: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions of_get_child_by_name returns a node pointer with refcount incremented, we should use of_node_put on it when not needed anymore. When kcalloc fails, it is missing of_node_put and...
kernel: Linux kernel: Denial of Service due to GIC state corruption on NVIDIA T241 platforms
A flaw was found in the Linux kernel. On NVIDIA server platforms utilizing multiple interconnected T241 chips, a local user could trigger a vulnerability in the Generic Interrupt Controller (GIC) due to incorrect handling of inter-socket data packets. This can corrupt the GIC's internal state,...
SUSE CVE-2011-4622
The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle when Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service NUL...
SUSE CVE-2016-4440
arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode...
SUSE CVE-2021-3653
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious ...
SUSE CVE-2021-20221
An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0 on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to...
SUSE CVE-2022-42327
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...
PT-2023-35129 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.91 Description: The issue is related to the x86/i8259 legacy PIC interrupts, which are marked with IRQ_LEVEL. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2023-35322 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.272 Description: The issue is related to the x86/i8259 legacy PIC interrupts, which are marked with IRQ_LEVEL. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
kernel: KVM: NULL pointer dereference in kvm_irq_delivery_to_apic_fast()
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...
PT-2022-35246 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.76 Description: The issue concerns the KVM arm64 vgic, specifically with the exit condition in the scan its table function. The actual impact and attack plausibility have not yet been proven...
PT-2022-35025 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.3 Description: The issue is related to the x86/apic component, specifically concerning the handling of x2APIC. The problem arises when x2APIC is not properly disabled if it is locked. This could potentially...
kernel: KVM: NULL pointer dereference in kvm_irq_delivery_to_apic_fast()
A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a...
UBUNTU-CVE-2022-42327
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...