mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.0 KiB
1.0 KiB
CVE-2024-26691
Description
In the Linux kernel, the following vulnerability has been resolved:KVM: arm64: Fix circular locking dependencyThe rule inside kvm enforces that the vcpu->mutex is taken insidekvm->lock. The rule is violated by the pkvm_create_hyp_vm() which acquiresthe kvm->lock while already holding the vcpu->mutex lock fromkvm_vcpu_ioctl(). Avoid the circular locking dependency altogether byprotecting the hyp vm handle with the config_lock, much like we alreadydo for other forms of VM-scoped data.
POC
Reference
No PoCs from references.