Bug 2151317 (CVE-2022-45869) - CVE-2022-45869 kernel: KVM: x86/mmu: race condition in direct_page_fault()
Summary: CVE-2022-45869 kernel: KVM: x86/mmu: race condition in direct_page_fault()
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-45869
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2151318 2179929 2179930 2179931 2179932 2213165 2215365
Blocks: 2149549
TreeView+ depends on / blocked
 
Reported: 2022-12-06 17:42 UTC by Guilherme de Almeida Suckevicz
Modified: 2024-03-19 17:26 UTC (History)
37 users (show)

Fixed In Version: kernel 6.1-rc7
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel in the KVM. A race condition in direct_page_fault allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualization and the TDP MMU are enabled.
Clone Of:
Environment:
Last Closed: 2023-08-01 16:09:16 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2023:7268 0 None None None 2023-11-15 18:25:12 UTC
Red Hat Product Errata RHBA-2023:7328 0 None None None 2023-11-16 11:38:42 UTC
Red Hat Product Errata RHBA-2023:7338 0 None None None 2023-11-16 18:04:02 UTC
Red Hat Product Errata RHBA-2023:7343 0 None None None 2023-11-20 01:58:26 UTC
Red Hat Product Errata RHBA-2023:7346 0 None None None 2023-11-20 09:25:30 UTC
Red Hat Product Errata RHSA-2023:4377 0 None None None 2023-08-01 09:17:32 UTC
Red Hat Product Errata RHSA-2023:4378 0 None None None 2023-08-01 08:59:13 UTC
Red Hat Product Errata RHSA-2023:6901 0 None None None 2023-11-14 15:14:46 UTC
Red Hat Product Errata RHSA-2023:7077 0 None None None 2023-11-14 15:20:21 UTC
Red Hat Product Errata RHSA-2024:1188 0 None None None 2024-03-06 12:37:45 UTC
Red Hat Product Errata RHSA-2024:1404 0 None None None 2024-03-19 17:26:57 UTC

Description Guilherme de Almeida Suckevicz 2022-12-06 17:42:38 UTC 
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.

Reference and upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=47b0c2e4c220f2251fd8dcfbb44479819c715e15
Comment 1 Guilherme de Almeida Suckevicz 2022-12-06 17:43:02 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2151318]
Comment 2 Justin M. Forbes 2022-12-08 15:59:00 UTC 
This was fixed for Fedora with the 6.0.11 stable kernel updates.
Comment 15 errata-xmlrpc 2023-08-01 08:59:10 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:4378 https://access.redhat.com/errata/RHSA-2023:4378
Comment 16 errata-xmlrpc 2023-08-01 09:17:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:4377 https://access.redhat.com/errata/RHSA-2023:4377
Comment 17 Product Security DevOps Team 2023-08-01 16:09:13 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-45869
Comment 18 errata-xmlrpc 2023-11-14 15:14:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:6901 https://access.redhat.com/errata/RHSA-2023:6901
Comment 19 errata-xmlrpc 2023-11-14 15:20:18 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:7077 https://access.redhat.com/errata/RHSA-2023:7077
Comment 22 errata-xmlrpc 2024-03-06 12:37:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:1188 https://access.redhat.com/errata/RHSA-2024:1188
Comment 24 errata-xmlrpc 2024-03-19 17:26:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:1404 https://access.redhat.com/errata/RHSA-2024:1404
Note You need to log in before you can comment on or make changes to this bug.