Security tracker / CVE-2023-21264

CVE-2023-21264

KVM: arm64: Prevent unconditional donation of unmapped regions from the host

References

• Debian security tracker
• cve.org
• https://source.android.com/docs/security/bulletin/2023-08-01
• https://android.googlesource.com/kernel/common/+/b35a06182451f
• https://android.googlesource.com/kernel/common/+/53625a846a7b4

Notes

 carnil> Commit fixes e82edcc75c4e ("KVM: arm64: Implement do_share()
 carnil> helper for sharing memory") 5.17-rc1.
 carnil> Not completely sure if this the issue applies really to the
 carnil> upstream kernel.

Bugs

Status

Branch	Status
upstream	released (6.4-rc5) [09cce60bddd6461a93a5bf434265a47827d1bc6f]
6.18-upstream-stable
6.17-upstream-stable
6.12-upstream-stable
6.6-upstream-stable
6.1-upstream-stable	needed
5.10-upstream-stable	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.3.7-1)
6.12-trixie-security
6.1-bookworm-security	needed
5.10-bullseye-security	N/A "Vulnerable code not present"
4.19-buster-security	N/A "Vulnerable code not present"