Announcement

Collapse
No announcement yet.

Linux Formerly Affected By A KVM SVM Guest-To-Host Breakout Code Vulnerability

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux Formerly Affected By A KVM SVM Guest-To-Host Breakout Code Vulnerability

    Phoronix: Linux Formerly Affected By An AMD KVM Guest-To-Host Breakout Code Vulnerability

    AMD-specific code within Linux's KVM virtualization component previously could allow a KVM guest to breakout into the host. This bug persisted in the Linux kernel from late 2020 to March 2021 before being addressed and is the first known issue of such a guest-to-host breakout that didn't also depend upon bugs within user-space components...

    https://www.phoronix.com/scan.php?pa...C-Breakout-KVM

  • #2
    It's great AMD owns up to their mistakes and does not shy away from hiring from the community to get them fixed. Elated and will show support by spending my hard earned $$$ on their products.

    Comment


    • #3
      The flawed code was provided by Redhat, it combines thread-race (didn't copy the mutable struct shared by multiple CPUs before check) and used-after-free (use a freed bitmap to check MSR permission), so it's not AMD's fault.
      However, such mistake can be avoided by using Rust.

      Comment

      Working...
      X