THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-26691

KVM: arm64: Fix circular locking dependency

AssignerLinux
Reserved2024-02-19
Published2024-04-03
Updated2024-06-04

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires the kvm->lock while already holding the vcpu->mutex lock from kvm_vcpu_ioctl(). Avoid the circular locking dependency altogether by protecting the hyp vm handle with the config_lock, much like we already do for other forms of VM-scoped data.

Product status

Default status
unaffected

1da177e4c3f4 before 3d16cebf0112
affected

1da177e4c3f4 before 3ab1c40a1e91
affected

1da177e4c3f4 before 10c02aad111d
affected

Default status
affected

6.6.18
unaffected

6.7.6
unaffected

6.8
unaffected

References

https://git.kernel.org/stable/c/3d16cebf01127f459dcfeb79ed77bd68b124c228

https://git.kernel.org/stable/c/3ab1c40a1e915e350d9181a4603af393141970cc

https://git.kernel.org/stable/c/10c02aad111df02088d1a81792a709f6a7eca6cc

cve.org CVE-2024-26691

nvd.nist.gov CVE-2024-26691

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26691
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
© Copyright 2024 THREATINT. Made in Cyprus with +