{"uuid": "ae11f292-5865-42b4-a833-70c1ecf0d87a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55881", "type": "seen", "source": "https://t.me/cvedetector/15072", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55881 - \"KVM AMD x86 Hypercall Detection Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-55881 \nPublished : Jan. 11, 2025, 1:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nKVM: x86: Play nice with protected guests in complete_hypercall_exit() \n \nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit \nhypercall when completing said hypercall. For guests with protected state, \ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit \nmode as the vCPU state needed to detect 64-bit mode is unavailable. \n \nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE \nhypercall via VMGEXIT trips the WARN: \n \n ------------[ cut here ]------------ \n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm] \n Modules linked in: kvm_amd kvm ... [last unloaded: kvm] \n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470 \n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024 \n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm] \n Call Trace: \n \n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm] \n kvm_vcpu_ioctl+0x54f/0x630 [kvm] \n __se_sys_ioctl+0x6b/0xc0 \n do_syscall_64+0x83/0x160 \n entry_SYSCALL_64_after_hwframe+0x76/0x7e \n \n ---[ end trace 0000000000000000 ]--- \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T14:55:25.000000Z"}