linux-uconsole/arch/x86/kvm
Paolo Bonzini 5119ffd480 KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
commit 433f4ba190 upstream.

The bounds check was present in KVM_GET_SUPPORTED_CPUID but not
KVM_GET_EMULATED_CPUID.

Reported-by: syzbot+e3f4897236c4eeb8af4f@syzkaller.appspotmail.com
Fixes: 84cffe499b ("kvm: Emulate MOVBE", 2013-10-29)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-12-13 08:52:58 +01:00
cpuid.c KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) 2019-12-13 08:52:58 +01:00
cpuid.h x86/cpufeatures: Combine word 11 and 12 into a new scattered features word 2019-08-06 19:06:58 +02:00
debugfs.c
emulate.c KVM: x86: set ctxt->have_exception in x86_decode_insn() 2019-10-05 13:10:05 +02:00
hyperv.c KVM: hyperv: define VP assist page helpers 2019-09-16 08:21:50 +02:00
hyperv.h KVM: hyperv: define VP assist page helpers 2019-09-16 08:21:50 +02:00
i8254.c
i8254.h
i8259.c
ioapic.c
ioapic.h
irq.c kvm: Check irqchip mode before assign irqfd 2019-09-16 08:22:15 +02:00
irq.h kvm: Check irqchip mode before assign irqfd 2019-09-16 08:22:15 +02:00
irq_comm.c
Kconfig x86/kvm/Kconfig: Ensure CRYPTO_DEV_CCP_DD state at minimum matches KVM_AMD 2018-07-15 17:36:57 +02:00
kvm_cache_regs.h KVM: nVMX: Do not load EOI-exitmap while running L2 2018-03-21 14:16:44 +01:00
lapic.c x86/kvm/lapic: preserve gfn_to_hva_cache len on cache reinit 2019-09-16 08:21:51 +02:00
lapic.h KVM: hyperv: define VP assist page helpers 2019-09-16 08:21:50 +02:00
Makefile
mmu.c KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved 2019-12-01 09:17:35 +01:00
mmu.h kvm: x86: mmu: Recovery of shattered NX large pages 2019-11-12 19:21:46 +01:00
mmu_audit.c KVM: x86: MMU: make array audit_point_name static 2017-12-14 09:26:41 +01:00
mmutrace.h KVM: x86: add tracepoints around __direct_map and FNAME(fetch) 2019-11-12 19:21:44 +01:00
mtrr.c KVM: x86: optimize check for valid PAT value 2019-09-16 08:22:18 +02:00
page_track.c treewide: kvzalloc() -> kvcalloc() 2018-06-12 16:19:22 -07:00
paging_tmpl.h kvm: mmu: ITLB_MULTIHIT mitigation 2019-11-12 19:21:44 +01:00
pmu.c KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed 2019-07-26 09:14:24 +02:00
pmu.h KVM: x86/pmu: mask the result of rdpmc according to the width of the counters 2019-06-19 08:18:04 +02:00
pmu_amd.c KVM: x86/pmu: mask the result of rdpmc according to the width of the counters 2019-06-19 08:18:04 +02:00
pmu_intel.c KVM: x86/pmu: do not mask the value that is written to fixed PMUs 2019-06-19 08:18:04 +02:00
svm.c KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active 2019-11-12 19:21:44 +01:00
trace.h KVM: x86: avoid misreporting level-triggered irqs as edge-triggered in tracing 2019-05-16 19:41:22 +02:00
tss.h
vmx.c Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" 2019-12-05 09:20:17 +01:00
vmx_evmcs.h x86/kvm: use Enlightened VMCS when running on Hyper-V 2018-03-28 22:47:06 +02:00
vmx_shadow_fields.h KVM: nVMX: track dirty state of non-shadowed VMCS fields 2018-01-16 16:50:13 +01:00
x86.c KVM: x86: Grab KVM's srcu lock when setting nested state 2019-12-13 08:52:46 +01:00
x86.h KVM: x86: introduce is_pae_paging 2019-11-20 18:45:10 +01:00