oss-sec mailing list archives
Re: Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity
From: Andrew Donnellan <ajd () linux ibm com>
Date: Thu, 10 Dec 2020 23:47:30 +1100
On 24/11/20 1:41 am, Andrew Donnellan wrote:
On 9/10/20 12:20 pm, Andrew Donnellan wrote:The Linux kernel for powerpc has an issue with the Run-Time Abstraction Services (RTAS) interface, allowing root (or CAP_SYS_ADMIN users) in a VM to overwrite some parts of memory, including kernel memory.This issue impacts guests running on top of PowerVM or KVM hypervisors (pseries platform), and does *not* impact bare-metal machines (powernv platform).CVE-2020-27777 has been assigned.
A minor regression has been identified, affecting the ibm,open-errinjct RTAS call.
A patch is available at https://patchwork.ozlabs.org/project/linuxppc-dev/patch/20201208195434.8289-1-tyreld () linux ibm com/
Thanks to Tyrel Datwyler for identifying and fixing this issue. -- Andrew Donnellan OzLabs, ADL Canberra ajd () linux ibm com IBM Australia Limited
Current thread:
- Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan (Oct 09)
- Re: Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan (Nov 23)
- Re: Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan (Dec 10)
- Re: Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity Andrew Donnellan (Nov 23)