Bug 2297573 (CVE-2024-40989)

Summary: CVE-2024-40989 kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dfreiber, drow, jburrell, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: kernel 6.1.96, kernel 6.6.36, kernel 6.9.7, kernel 6.10-rc5 Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the Linux kernel's KVM for ARM64 within the vgic-init.c, vgic-mmio-v3.c, and vgic.h files. The virtual vCPUs may retain dangling pointers in a redistributor region after they have been torn down, leading to potential memory corruption.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2024-07-12 13:47:21 UTC 
In the Linux kernel, the following vulnerability has been resolved:

KVM: arm64: Disassociate vcpus from redistributor region on teardown

When tearing down a redistributor region, make sure we don't have
any dangling pointer to that region stored in a vcpu.
Comment 12 errata-xmlrpc 2024-09-24 00:39:17 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:7001 https://access.redhat.com/errata/RHSA-2024:7001
Comment 13 errata-xmlrpc 2024-09-24 02:34:35 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:7000 https://access.redhat.com/errata/RHSA-2024:7000
Comment 14 errata-xmlrpc 2024-11-12 09:36:21 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9315 https://access.redhat.com/errata/RHSA-2024:9315
Comment 15 errata-xmlrpc 2024-12-18 00:30:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2024:11313 https://access.redhat.com/errata/RHSA-2024:11313
Comment 16 errata-xmlrpc 2024-12-19 00:08:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:11483 https://access.redhat.com/errata/RHSA-2024:11483
Comment 17 errata-xmlrpc 2024-12-19 00:30:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:11482 https://access.redhat.com/errata/RHSA-2024:11482