git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit
KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use
author    Maxim Levitsky <mlevitsk@redhat.com>
          Thu, 3 Nov 2022 14:13:44 +0000 (16:13 +0200)
committer Thomas Lamprecht <t.lamprecht@proxmox.com>
          Wed, 14 Dec 2022 13:00:29 +0000 (14:00 +0100)
commit    e214c730325a2a7c287e69846edbda18d63f316a
tree      b046f1b962e95e3e17f0aaf6222ba60ef74ba6d3
parent    a1c344cda41b15c016b5ed67ec8a702a1df7590d

commit 16ae56d7e0528559bf8dc9070e3bfd8ba3de80df upstream.

Make sure that KVM uses vmcb01 before freeing nested state, and warn if
that is not the case.

This is a minimal fix for CVE-2022-3344 making the kernel print a warning
instead of a kernel panic.

Cc: stable@vger.kernel.org
Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20221103141351.50662-3-mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 3e87cb0caa25d667a9ca2fe15fef889e43ab8f95)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
arch/x86/kvm/svm/nested.c
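As an added illustration of the hardening the commit message describes (this is a constructed model, not the kernel's code and not the diff, which this page does not show): a vCPU stand-in with an always-valid vmcb01 and an on-demand vmcb02, where the unhardened teardown frees vmcb02 while it is still the active VMCB, and the hardened teardown first checks that vmcb01 is in use, records a warning if not, and switches back before freeing. All struct and function names here are invented for the model.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Simplified stand-ins constructed for this example, not kernel structures. */
struct vmcb { unsigned long control; };

struct model_vcpu {
	struct vmcb vmcb01;   /* L1 VMCB, owned by the vCPU, always valid */
	struct vmcb *vmcb02;  /* nested (L2) VMCB, allocated with nested state */
	struct vmcb *vmcb;    /* whichever VMCB is currently in use */
	int warnings;         /* counts what WARN_ON_ONCE would report */
};

/* Unhardened teardown: frees vmcb02 even while it is the active VMCB,
 * leaving v->vmcb pointing at freed memory (the use-after-free). */
static void free_nested_unsafe(struct model_vcpu *v)
{
	free(v->vmcb02);
	v->vmcb02 = NULL;
}

/* Hardened teardown, following the commit description: make sure vmcb01 is
 * in use before freeing nested state, and warn if it was not. */
static void free_nested_hardened(struct model_vcpu *v)
{
	if (v->vmcb != &v->vmcb01) {
		v->warnings++;          /* kernel: WARN_ON_ONCE(...) */
		v->vmcb = &v->vmcb01;   /* kernel: switch back to vmcb01 */
	}
	free(v->vmcb02);
	v->vmcb02 = NULL;
}

/* Outcome of one teardown: warnings raised, and whether the active VMCB
 * pointer was left pointing anywhere other than the always-valid vmcb01. */
struct teardown_result { int warnings; bool dangling; };

/* Scenario: L2 is running on vmcb02 when nested state is torn down. */
static struct teardown_result run_teardown(bool hardened)
{
	struct model_vcpu v = { .vmcb = &v.vmcb01 };
	v.vmcb02 = calloc(1, sizeof(*v.vmcb02));
	v.vmcb = v.vmcb02;              /* vmcb02 active: the risky state */
	if (hardened)
		free_nested_hardened(&v);
	else
		free_nested_unsafe(&v);
	return (struct teardown_result){ v.warnings, v.vmcb != &v.vmcb01 };
}
```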