Re: 'WARNING in vcpu_enter_guest' bug in arch/x86/kvm/x86.c:9877

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jun 17, 2022, Red Hat Product Security wrote:
> Hello!
> 
> INC2131147 ('WARNING in vcpu_enter_guest' bug in arch/x86/kvm/x86.c:9877) is pending your review.
> 
> Opened for: pgn@xxxxxxxxxx
> Followers: Paolo Bonzini, seanjc@xxxxxxxxxx, Vitaly Kuznetsov, wanpengli@xxxxxxxxxxx, jmattson@xxxxxxxxxx, joro@xxxxxxxxxx, tglx@xxxxxxxxxxxxx, Ingo Molnar, bp@xxxxxxxxx, dave.hansen@xxxxxxxxxxxxxxx, hpa@xxxxxxxxx, jarkko@xxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-sgx@xxxxxxxxxxxxxxx, kangel@xxxxxxxxxx, syzkaller@xxxxxxxxxxxxxxxx
> 
> Mauro Matteo Cascella updated your request with the following comments:
> 
> Hi Sean,
>  Thanks for the fix: https://github.com/torvalds/linux/commit/423ecfea77dda83823c71b0fad1c2ddb2af1e5fc [https://github.com/torvalds/linux/commit/423ecfea77dda83823c71b0fad1c2ddb2af1e5fc].
> Is this CVE worthy? As /dev/kvm is world accessible and unprivileged users could trigger the bug IIUC. We (Red Hat) can assign one if needed.

IMO, it's not CVE worthy.  Unprivileged users can trigger the bug, but the bug
itself is not harmful to the system at large, only to that user's VM/workload.
The splat is a WARN_ON_ONCE() so it won't spam the kernel log.  panic_on_warn
would be problematic, but assigning a CVE for every WARN seems excessive.



[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux