Re: CVE-2017-1000252: KVM denial of service with posted interrupts on Intel systems (since Linux 4.4)

[Greg KH <greg () kroah com>]

On Fri, Sep 15, 2017 at 06:36:59PM +0200, Jan H. Schönherr wrote:
> Hi.
>
> We have discovered a user triggerable BUG() when using KVM with posted interrupts on Intel
> systems. This requires an unprivileged user to have access to the KVM device.
>
> Certain values in a KVM_IRQFD API call can trigger a BUG_ON() at a later point in
> vmx_update_pi_irte(). KVM as a whole seems to hang after that.
>
> The issue was introduced with Linux 4.4, patches have been posted to the KVM
> mailing list:
> - https://marc.info/?l=kvm&m=150549145711115&w=2
> - https://marc.info/?l=kvm&m=150549146311117&w=2

Note, for those intersted in this, the second patch was reverted and
doesn't seem to be needed.

thanks,

greg k-h