Re: KVM: a issue which maybe a vulnerability

On Mon, Dec 12, 2022 at 07:15:32PM +0800, Yilu Lin wrote:

Hello. There is a issue about the kvm module in kernel, which may be a vulnerability. And I need your adivce.

Here is affect version: Linux kernel version 3.10.The virtualization platform uses the general Linux version before 4.15, which may also involve. The issue is fixed in v4.15-rc1.Commit ID is dedf9c5e216902c6d34b5a0d0c40f4acbb3706d8. Link is https://github.com/torvalds/linux/commit/dedf9c5e216902c6d34b5a0d0c40f4acbb3....

Have you tried backporting this commit to 4.14.y and seeing if it resolves the issue? If so, can you send the backport here for inclusion?

thanks,

greg k-h