CVE-2024-43819
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
kvm: s390: Reject memory region operations for ucontrol VMs
This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm->arch.gmap set to 0 and would thus result in a null pointer dereference further in. Memory management needs to be performed in userspace and using the ioctls KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP.
Also improve s390 specific documentation for KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2.
[frankja@linux.ibm.com: commit message spelling fix, subject prefix fix]
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 27e0393f15fc8bc855c6a888387ff5ffd2181089 < 49c9945c054df4c22008e2bf87ca74d3e2507aa6 | affected |
| Linux | Linux | 27e0393f15fc8bc855c6a888387ff5ffd2181089 < 7816e58967d0e6cadce05c8540b47ed027dc2499 | affected |
| Linux | Linux | 3.4 | affected |
| Linux | Linux | 0 < 3.4 | unaffected |
| Linux | Linux | 6.10.3 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/49c9945c054df4c22008e2bf87ca74d3e2507aa6
- https://git.kernel.org/stable/c/7816e58967d0e6cadce05c8540b47ed027dc2499
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.