An issue was discovered in the efi subsystem in the Linux kernel in the function phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. This particular attack is somewhat contrived and difficult to execute. It would require an attacker to be able to create memory failures during early boot phase on platforms such as a virtual machine host. This may allow for the kernel in the guest to incorrectly map memory and possibly allow an local (in guest) attacker to then further escalate privileges on the affected guest. Red Hat product security finds this situation very unlikely. Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e Discussion: https://lkml.org/lkml/2019/5/22/1378
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1715495]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-12380