CVE - CVE-2024-55881

CVE-ID
CVE-2024-55881	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Play nice with protected guests in complete_hypercall_exit() Use is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit mode as the vCPU state needed to detect 64-bit mode is unavailable. Hacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE hypercall via VMGEXIT trips the WARN: ------------[ cut here ]------------ WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm] Modules linked in: kvm_amd kvm ... [last unloaded: kvm] CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470 Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024 RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm] Call Trace: <TASK> kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm] kvm_vcpu_ioctl+0x54f/0x630 [kvm] __se_sys_ioctl+0x6b/0xc0 do_syscall_64+0x83/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e </TASK> ---[ end trace 0000000000000000 ]---
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0840d360a8909c722fb62459f42836afe32ededb URL:https://git.kernel.org/stable/c/0840d360a8909c722fb62459f42836afe32ededb MISC:https://git.kernel.org/stable/c/22b5c2acd65dbe949032f619d4758a35a82fffc3 URL:https://git.kernel.org/stable/c/22b5c2acd65dbe949032f619d4758a35a82fffc3 MISC:https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6 URL:https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6 MISC:https://git.kernel.org/stable/c/7ed4db315094963de0678a8adfd43c46471b9349 URL:https://git.kernel.org/stable/c/7ed4db315094963de0678a8adfd43c46471b9349 MISC:https://git.kernel.org/stable/c/9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0 URL:https://git.kernel.org/stable/c/9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0
Assigning CNA
kernel.org
Date Record Created
20250109	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20250109)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)