Linux/linux 433f4ba — arch/x86/kvm cpuid.c
KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) The bounds check was present in KVM_GET_SUPPORTED_CPUID but not KVM_GET_EMULATED_CPUID. Reported-by: syzbot+e3f4897236c4eeb8af4f at syzkaller.appspotmail.com Fixes: 84cffe499b94 ("kvm: Emulate MOVBE", 2013-10-29) Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
Delta | File | |
---|---|---|
+4 | -1 | arch/x86/kvm/cpuid.c |
+4 | -1 | 1 files |