Bug 1947986 (CVE-2020-36313) - CVE-2020-36313 kernel: KVM subsystem allows out-of-range access to memslots after a deletion
Keywords:
Status: NEW
Alias: CVE-2020-36313
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 1813987 1947987 1948479 1948481 1948482 1948483 1948895 1948896 1948897 1948898 1948899 1948900 1948901 1948902 1948903 1948904 1948905 1948906 1948907 1948908 1948909 1948910 1948911 1948912 1948913 1948914 1948915 1948916 1948917 1948918 1952125 1952126 1952129 1952130 1952131 1952132 1952133 1952134
Blocks: 1947988
Reported: 2021-04-09 16:58 UTC by Guilherme de Almeida Suckevicz
Modified: 2023-10-10 19:43 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel. The KVM subsystem allows out-of-range access to memslots after a deletion. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Guilherme de Almeida Suckevicz 2021-04-09 16:58:13 UTC
An issue was discovered in the Linux kernel.  The KVM subsystem allows out-of-range access to memslots after a deletion. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvm_host.h, and virt/kvm/kvm_main.c.

Reference and upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0774a964ef561b7170d8d1b1bfe6f88002b6d219

Comment 1 Guilherme de Almeida Suckevicz 2021-04-09 16:58:47 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1947987]

Comment 3 Justin M. Forbes 2021-04-12 21:21:09 UTC
This was fixed for Fedora with the 5.7 kernel rebases.

Comment 19 Wade Mealing 2021-04-27 05:51:10 UTC
Mitigation:

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

