Red Hat Bugzilla – Bug 1490781
CVE-2017-1000252 kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ
Last modified: 2018-04-17 12:20:28 EDT
A reachable assertion failure flaw was found in the Linux kernel built with the KVM virtualisation(CONFIG_KVM) support with Virtual Function I/O feature (CONFIG_VFIO) enabled. This could occur if a malicious guest device sent a virtual interrupt(guest IRQ) with larger(>1024) index value. A guest user/process could use this flaw to crash the KVM hypervisor resulting in Dos. Note: It affects x86 arch platforms. Upstream patches: ----------------- -> https://marc.info/?l=kvm&m=150549145711115&w=2 -> https://marc.info/?l=kvm&m=150549146311117&w=2 Introduced by commit: -> https://git.kernel.org/linus/efc644048ecde54f016011fe10110addd0de348f Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/09/15/4
Acknowledgments: Name: Jan H. Schönherr (Amazon)
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7. Future kernel updates for Red Hat Enterprise Linux 7 may address this issue.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1492168]
Patch(es) committed on kernel repository and an interim kernel build is undergoing testing
Patch(es) available on kernel-3.10.0-720.el7
This was fixed for Fedora with the 4.13.5 updates
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2018:0676
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:1062
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2018:1130 https://access.redhat.com/errata/RHSA-2018:1130