projects / GitHub / LineageOS / G12 / android_kernel_amlogic_linux-4.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a7577ab) | patch
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
authorPaolo Bonzini <pbonzini@redhat.com>
Wed, 4 Dec 2019 09:28:54 +0000 (10:28 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 21 Dec 2019 09:41:43 +0000 (10:41 +0100)
commit8b587e3f1424fae01f9c7e78d8d294bcb71f6f41
tree0fec9f019c1dfc3e926b8da3419fdf15fb51e28etree | snapshot (tar.gz zip)
parenta7577abb959e71c0978a366ef4239a9ddb235556commit | diff
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)

commit 433f4ba1904100da65a311033f17a9bf586b287e upstream.

The bounds check was present in KVM_GET_SUPPORTED_CPUID but not
KVM_GET_EMULATED_CPUID.

Reported-by: syzbot+e3f4897236c4eeb8af4f@syzkaller.appspotmail.com
Fixes: 84cffe499b94 ("kvm: Emulate MOVBE", 2013-10-29)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/kvm/cpuid.c diff | blob | blame | history