hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I9F351 CVE: CVE-2023-52633
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------------
The commit d1e388dbca87 ("KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache") fix CVE-2024-26598 erroneously, correct it.
Fixes: d1e388dbca87 ("KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache") Signed-off-by: Jinjie Ruan ruanjinjie@huawei.com --- arch/arm64/kvm/vgic/vgic-its.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/kvm/vgic/vgic-its.c b/arch/arm64/kvm/vgic/vgic-its.c index 9c7bd5a8aa35..1868cc0f0fee 100644 --- a/arch/arm64/kvm/vgic/vgic-its.c +++ b/arch/arm64/kvm/vgic/vgic-its.c @@ -782,7 +782,6 @@ static int vgic_its_trigger_msi(struct kvm *kvm, struct vgic_its *its, raw_spin_lock_irqsave(&irq->irq_lock, flags); irq->pending_latch = true; vgic_queue_irq_unlock(kvm, irq, flags); - vgic_put_irq(kvm, irq);
return 0; } @@ -801,6 +800,7 @@ int vgic_its_inject_cached_translation(struct kvm *kvm, struct kvm_msi *msi) raw_spin_lock_irqsave(&irq->irq_lock, flags); irq->pending_latch = true; vgic_queue_irq_unlock(kvm, irq, flags); + vgic_put_irq(kvm, irq);
return 0; }