CVE-2024-53196

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74

Description The issue is related to the KVM UAPI in the Linux kernel, where returning an abort to the guest for an unsupported MMIO access can cause a warning. This warning occurs when KVM is advancing PC while an exception is pending, specifically when retiring the MMIO instruction despite a pending synchronous external abort. The problem arises from limited testing of this plumbing, allowing userspace to trivially cause a warning in the MMIO return. Technical details include the involvement of kvm handle mmio return and kvm arch vcpu ioctl run functions, as well as the arch/arm64/include/asm/kvm emulate.h and virt/kvm/kvm main.c files. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations To resolve the issue, update to Linux kernel version 6.6.74 or later. As a temporary workaround, consider restricting access to the KVM UAPI to minimize the risk of exploitation. Additionally, be cautious when using the kvm handle mmio return function and the related kvm arch vcpu ioctl run function to handle MMIO instructions, as these are directly involved in the issue.