References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

crypto: virtio - Add spinlock protection with virtqueue notification

When VM boots with one virtio-crypto PCI device and builtin backend,
run openssl benchmark command with multiple processes, such as
  openssl speed -evp aes-128-cbc -engine afalg  -seconds 10 -multi 32

openssl processes will hangup and there is error reported like this:
 virtio_crypto virtio0: dataq.0:id 3 is not a head!

It seems that the data virtqueue need protection when it is handled
for virtio done notification. If the spinlock protection is added
in virtcrypto_done_task(), openssl benchmark with multiple processes
works well.

https://git.kernel.org/stable/c/49c57c6c108931a914ed94e3c0ddb974008260a3

https://git.kernel.org/stable/c/c0a0ded3bb7fd45f720faa48449a930153257d3a

https://git.kernel.org/stable/c/d6f0d586808689963e58fd739bed626ff5013b24

https://git.kernel.org/stable/c/e69a7b0a71b6561b3b6459f1fded8d589f2e8ac2