Linux kernel: powerpc: RTAS calls can be used to compromise kernel integrity
Andrew Donnellan
ajd at linux.ibm.com
Thu Dec 10 23:47:30 AEDT 2020
On 24/11/20 1:41 am, Andrew Donnellan wrote:
> On 9/10/20 12:20 pm, Andrew Donnellan wrote:
>> The Linux kernel for powerpc has an issue with the Run-Time
>> Abstraction Services (RTAS) interface, allowing root (or CAP_SYS_ADMIN
>> users) in a VM to overwrite some parts of memory, including kernel
>> memory.
>>
>> This issue impacts guests running on top of PowerVM or KVM hypervisors
>> (pseries platform), and does *not* impact bare-metal machines (powernv
>> platform).
> CVE-2020-27777 has been assigned.
A minor regression has been identified, affecting the ibm,open-errinjct
RTAS call.
A patch is available at
https://patchwork.ozlabs.org/project/linuxppc-dev/patch/20201208195434.8289-1-tyreld@linux.ibm.com/
Thanks to Tyrel Datwyler for identifying and fixing this issue.
--
Andrew Donnellan OzLabs, ADL Canberra
ajd at linux.ibm.com IBM Australia Limited
More information about the Linuxppc-dev
mailing list