Executive Summary

This vulnerability exists in the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem for x86 architectures. It involves the handling of nested events when a virtual CPU (vCPU) is in a blocking state while a second-level (L2) virtual machine is active.

Specifically, the kernel incorrectly treats the -EBUSY error code when checking nested events from the vcpu_block() function. Exiting a blocking state while L2 is active can generate a spurious userspace exit, often with KVM_EXIT_UNKNOWN, which can cause the virtual machine to crash or behave unexpectedly.

The fix involves ignoring the -EBUSY error in this context to allow the VM to continue running, giving it a better chance of surviving without major side effects, even though the state is unusual and should ideally never occur.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can cause virtual machines running under KVM on affected Linux kernels to unexpectedly exit or crash due to improper handling of nested events during blocking states.

Such crashes or unexpected exits can lead to downtime, loss of service availability, or instability in virtualized environments, potentially impacting workloads running inside those VMs.

While the fix improves VM stability by ignoring the -EBUSY error in this scenario, the underlying issue indicates that userspace can put the vCPU into an impossible state, which might be indicative of deeper bugs or misuse.

Useful 0 Not Useful 0

Mitigation Strategies

The vulnerability has been resolved in the Linux kernel by ignoring the -EBUSY error when checking nested events from vcpu_block(). To mitigate this vulnerability, you should update your Linux kernel to the version that includes this fix.

No specific immediate commands or configuration changes are provided in the available information. The best mitigation is to apply the kernel update that contains the fix.

Useful 0 Not Useful 0