Headline

CVE-2020-15852: x86/ioperm: Fix io bitmap invalidation on Xen PV · torvalds/linux@cadfad8

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

4 years ago

CVE

Open in Source

#mac #linux #git #perl

Permalink

Browse files

x86/ioperm: Fix io bitmap invalidation on Xen PV

tss_invalidate_io_bitmap() wasn’t wired up properly through the pvop machinery, so the TSS and Xen’s io bitmap would get out of sync whenever disabling a valid io bitmap.

Add a new pvop for tss_invalidate_io_bitmap() to fix it.

This is XSA-329.

Fixes: 22fe5b0 (“x86/ioperm: Move TSS bitmap update to exit to user work”) Signed-off-by: Andy Lutomirski [email protected] Signed-off-by: Thomas Gleixner [email protected] Reviewed-by: Juergen Gross [email protected] Reviewed-by: Thomas Gleixner [email protected] Cc: [email protected] Link: https://lkml.kernel.org/r/d53075590e1f91c19f8af705059d3ff99424c020.1595030016.git.luto@kernel.org

Loading branch information

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

10 months ago

10 months ago

10 months ago

10 months ago

10 months ago