]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 77251fe) | patch
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
authorPaolo Bonzini <pbonzini@redhat.com>
Wed, 4 Dec 2019 09:28:54 +0000 (10:28 +0100)
committerBen Hutchings <ben@decadent.org.uk>
Tue, 10 Dec 2019 18:01:34 +0000 (18:01 +0000)
commit21377f88c2757c6ee3e28407fb1c44b4bdf7e6b2
tree8bd3314300ad568987e82ed5e20c980c9c296a68tree
parent77251fec285eebe2258e81e643820428b92a68a6commit | diff
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)

commit 433f4ba1904100da65a311033f17a9bf586b287e upstream.

The bounds check was present in KVM_GET_SUPPORTED_CPUID but not
KVM_GET_EMULATED_CPUID.

Reported-by: syzbot+e3f4897236c4eeb8af4f@syzkaller.appspotmail.com
Fixes: 84cffe499b94 ("kvm: Emulate MOVBE", 2013-10-29)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
arch/x86/kvm/cpuid.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git