CVE-2024-26990

KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status

References

https://cve.org/CVERecord/?id=CVE-2024-26990

Notes

 carnil> Introduced in 5982a5392663 ("KVM: x86/mmu: Use kvm_ad_enabled() to determine if
 carnil> TDP MMU SPTEs need wrprot"). Vulnerable versions: 6.4-rc1.

Bugs

Status

Branch	Status
4.19-buster-security	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
5.10-bullseye-security	N/A "Vulnerable code not present"
5.10-upstream-stable	N/A "Vulnerable code not present"
6.1-bookworm-security	N/A "Vulnerable code not present"
6.1-upstream-stable	N/A "Vulnerable code not present"
6.6-upstream-stable	released (6.6.29) [cdf811a937471af2d1facdf8ae80e5e68096f1ed]
6.8-upstream-stable	released (6.8.8) [e20bff0f1b2de9cfe303dd35ff46470104a87404]
sid	needed
upstream	released (6.9-rc5) [2673dfb591a359c75080dd5af3da484b89320d22]