oss-sec mailing list archives

CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid


From: P J P <ppandit () redhat com>
Date: Mon, 16 Dec 2019 11:33:02 +0530 (IST)

  Hello,

An out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get cpuid features emulated by the KVM hypervisor. A user/process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a DoS issue.

It was found by Syzkaller
  -> https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50 () google com/

'CVE-2019-19332' was assigned by Red Hat Inc.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D

