Huawei EulerOS: CVE-2024-35791: kernel security update

Huawei EulerOS: CVE-2024-35791: kernel security update

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

05/17/2024

Created

10/09/2024

Added

10/08/2024

Modified

10/08/2024

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() Do the cache flush of converted pages in svm_register_enc_region() before dropping kvm->lock to fix use-after-free issues where region and/or its array of pages could be freed by a different task, e.g. if userspace has __unregister_enc_region_locked() already queued up for the region. Note, the "obvious" alternative of using local variables doesn't fully resolve the bug, as region->pages is also dynamically allocated.I.e. the region structure itself would be fine, but region->pages could be freed. Flushing multiple pages under kvm->lock is unfortunate, but the entire flow is a rare slow path, and the manual flush is only needed on CPUs that lack coherency for encrypted memory.

Solution(s)

• huawei-euleros-2_0_sp12-upgrade-bpftool
• huawei-euleros-2_0_sp12-upgrade-kernel
• huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists
• huawei-euleros-2_0_sp12-upgrade-kernel-tools
• huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs
• huawei-euleros-2_0_sp12-upgrade-python3-perf

References

• https://attackerkb.com/topics/cve-2024-35791
• CVE - 2024-35791
• EulerOS-SA-2024-2352