Security tracker / CVE-2022-3344

CVE-2022-3344

KVM: SVM: nested shutdown interception could lead to host crash

References

• Debian security tracker
• cve.org
• https://lore.kernel.org/lkml/20221020093055.224317-5-mlevitsk@redhat.com/T/
• https://bugzilla.redhat.com/show_bug.cgi?id=2130278
• https://lore.kernel.org/lkml/20221103141351.50662-1-mlevitsk@redhat.com/
• https://lore.kernel.org/lkml/20221103141351.50662-3-mlevitsk@redhat.com/

Notes

 carnil> Fixed as well in 6.0.11 for 6.0.y.
 bwh> The first two fixes seem to be needed only after commit 2fcf4876ada8
 bwh> "KVM: nSVM: implement on demand allocation of the nested state" in
 bwh> 5.10. The last two are probably needed for 4.19 as well, though
 bwh> backporting them doesn't look straightforward.

Bugs

Status

Branch	Status
upstream	released (6.1-rc7) [917401f26a6af5756d89b550a8e1bd50cf42b07e, 16ae56d7e0528559bf8dc9070e3bfd8ba3de80df, f9697df251438b0798780900e8b43bdb12a56d64, ed129ec9057f89d615ba0c81a4984a90345a1684]
6.18-upstream-stable
6.17-upstream-stable
6.12-upstream-stable
6.6-upstream-stable
6.1-upstream-stable	N/A "Fixed before branch point"
5.10-upstream-stable	needed
sid	released (6.0.12-1)
6.12-trixie-security
6.1-bookworm-security	N/A "Fixed before branch point"
5.10-bullseye-security	needed