On Mon, Jan 06, 2025 at 07:19:08PM +0100, Greg KH wrote: > On Mon, Jan 06, 2025 at 05:01:49PM +0800, Linfeng Sun wrote: > > Hello list, > > > > A bug has been detected in the Linux kernel's nested virtualization > > implementation, which > > can lead to a general protection fault in __vmx_vcpu_run when running a > > higher > > version L1 hypervisor kernel on an L0 host kernel version predating the > > following > > commit: > > https://github.com/torvalds/linux/commit/45779be5ced626db836e612e0dc638a1601abcf2 > > For those wanting to understand this, that means that any kernel version > from release of: > 3.17 > to the following releases: > 4.9.331 4.14.296 4.19.262 5.4.220 5.10.150 5.15.75 5.19.17 6.0.3 6.1 > is vulnerable, and anything newer than that (i.e. any kernel newer than > August of 2022) is just fine. > > Hopefully everyone here is running a kernel newer than August of 2022, > but hey, who knows!
Is this exploitable for anything other than denial of service? -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
signature.asc
Description: PGP signature
