CVE-2024-36953
Published: May 30, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() vgic_v2_parse_attr() is responsible for finding the vCPU that matches the user-provided CPUID, which (of course) may not be valid. If the ID is invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled gracefully. Similar to the GICv3 uaccess flow, check that kvm_get_vcpu_by_id() actually returns something and fail the ioctl if not.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 7d450e2821710718fd6703e9c486249cee913bab - < 4404465a1bee3607ad90a4c5f9e16dfd75b85728affected 7d450e2821710718fd6703e9c486249cee913bab - < 17db92da8be5dd3bf63c01f4109fe47db64fc66faffected 7d450e2821710718fd6703e9c486249cee913bab - < 3a5b0378ac6776c7c31b18e0f3c1389bd6005e80affected 7d450e2821710718fd6703e9c486249cee913bab - < 8d6a1c8e3de36cb0f5e866f1a582b00939e23104affected 7d450e2821710718fd6703e9c486249cee913bab - < 01981276d64e542c177b243f7c979fee855d5487+1 more versions |
Linux | Linux | affected 4.7unaffected 0 - < 4.7unaffected 5.10.217 - <= 5.10.*unaffected 5.15.159 - <= 5.15.*unaffected 6.1.91 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now