CVE-2024-26691 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix circular locking dependency The rule inside kvm enforces that the vcpu->mutex is taken *inside* kvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquires the kvm->lock while already holding the vcpu->mutex lock from kvm_vcpu_ioctl(). Avoid the circular locking dependency altogether by protecting the hyp vm handle with the config_lock, much like we already do for other forms of VM-scoped data.

PUBLISHED Reserved 2024-02-19 | Published 2024-04-03 | Updated 2025-05-04 | Assigner Linux

Product status

Default status

unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 3d16cebf01127f459dcfeb79ed77bd68b124c228

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 3ab1c40a1e915e350d9181a4603af393141970cc

affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 10c02aad111df02088d1a81792a709f6a7eca6cc

affected

Default status

affected

6.6.18 (semver)

unaffected

6.7.6 (semver)

unaffected

6.8 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/3d16cebf01127f459dcfeb79ed77bd68b124c228

git.kernel.org/...c/3ab1c40a1e915e350d9181a4603af393141970cc

git.kernel.org/...c/10c02aad111df02088d1a81792a709f6a7eca6cc

git.kernel.org/...c/3d16cebf01127f459dcfeb79ed77bd68b124c228

git.kernel.org/...c/3ab1c40a1e915e350d9181a4603af393141970cc

git.kernel.org/...c/10c02aad111df02088d1a81792a709f6a7eca6cc

cve.org (CVE-2024-26691)

nvd.nist.gov (CVE-2024-26691)

Download JSON

help @ threatint.eu