CVE-2024-43819

Summary

In the Linux kernel, the following vulnerability has been resolved:

kvm: s390: Reject memory region operations for ucontrol VMs

This change rejects the KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm->arch.gmap set to 0 and would thus result in a null pointer dereference further in. Memory management needs to be performed in userspace and using the ioctls KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP.

Also improve s390 specific documentation for KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2.

[frankja@linux.ibm.com: commit message spelling fix, subject prefix fix]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux27e0393f15fc8bc855c6a888387ff5ffd2181089 < 49c9945c054df4c22008e2bf87ca74d3e2507aa6affected
LinuxLinux27e0393f15fc8bc855c6a888387ff5ffd2181089 < 7816e58967d0e6cadce05c8540b47ed027dc2499affected
LinuxLinux3.4affected
LinuxLinux0 < 3.4unaffected
LinuxLinux6.10.3 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References