Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP3:Update
xen.36362
xsa458.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xsa458.patch of Package xen.36362
From: Jan Beulich <jbeulich@suse.com> Subject: x86/IRQ: avoid double unlock in map_domain_pirq() Forever since its introduction the main loop in the function dealing with multi-vector MSI had error exit points ("break") with different properties: In one case no IRQ descriptor lock is being held. Nevertheless the subsequent error cleanup path assumed such a lock would uniformly need releasing. Identify the case by setting "desc" to NULL, thus allowing the unlock to be skipped as necessary. This is CVE-2024-31143 / XSA-458. Coverity ID: 1605298 Fixes: d1b6d0a02489 ("x86: enable multi-vector MSI") Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com> --- a/xen/arch/x86/irq.c +++ b/xen/arch/x86/irq.c @@ -2214,6 +2214,7 @@ int map_domain_pirq( set_domain_irq_pirq(d, irq, info); spin_unlock_irqrestore(&desc->lock, flags); + desc = NULL; info = NULL; irq = create_irq(NUMA_NO_NODE, true); @@ -2249,7 +2250,9 @@ int map_domain_pirq( if ( ret ) { - spin_unlock_irqrestore(&desc->lock, flags); + if ( desc ) + spin_unlock_irqrestore(&desc->lock, flags); + pci_disable_msi(msi_desc); if ( nr ) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor