oss-sec mailing list archives
CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid
From: P J P <ppandit () redhat com>
Date: Mon, 16 Dec 2019 11:33:02 +0530 (IST)
Hello,An out-of-bounds memory write issue was found in the way Linux kernel's KVM hypervisor handled 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get cpuid features emulated by the KVM hypervisor. A user/process able to access '/dev/kvm' device could use this flaw to crash the system resulting in DoS issue.
It was found by Syzkaller -> https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50 () google com/ 'CVE-2019-19332' was assigned by Red Hat Inc. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D
Current thread:
- CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid P J P (Dec 15)