References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

Drivers: vmbus: Check for channel allocation before looking up relids

relid2channel() assumes vmbus channel array to be allocated when called.
However, in cases such as kdump/kexec, not all relids will be reset by the host.
When the second kernel boots and if the guest receives a vmbus interrupt during
vmbus driver initialization before vmbus_connect() is called, before it finishes,
or if it fails, the vmbus interrupt service routine is called which in turn calls
relid2channel() and can cause a null pointer dereference.

Print a warning and error out in relid2channel() for a channel id that's invalid
in the second kernel.

https://git.kernel.org/stable/c/176c6b4889195fbe7016d9401175b48c5c9edf68

https://git.kernel.org/stable/c/1eb65c8687316c65140b48fad27133d583178e15

https://git.kernel.org/stable/c/8c3f0ae5435fd20bb1e3a8308488aa6ac33151ee

https://git.kernel.org/stable/c/a5c44f3446a0565139b7d8abc78f58b86c398123

https://git.kernel.org/stable/c/c373e49fbb87aa177819866ed9194ebc5414dfd6