Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: e3fa6986ae8521275fc6ca161f7394a3809f8723
https://github.com/tianocore/edk2/commit/e3fa6986ae8521275fc6ca161f7394a3809f8723
Author: Adam Dunlap <[email protected]>
Date: 2024-04-23 (Tue, 23 Apr 2024)
Changed paths:
M OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
Log Message:
-----------
OvmfPkg: Harden #VC instruction emulation somewhat (CVE-2024-25742)
Ensure that when a #VC exception happens, the instruction at the
instruction pointer matches the instruction that is expected given the
error code. This is to mitigate the ahoi WeSee attack [1] that could
allow hypervisors to breach integrity and confidentiality of the
firmware by maliciously injecting interrupts. This change is a
translated version of a linux patch e3ef461af35a ("x86/sev: Harden #VC
instruction emulation somewhat")
[1] https://ahoi-attacks.github.io/wesee/
Cc: Borislav Petkov (AMD) <[email protected]>
Cc: Tom Lendacky <[email protected]>
Signed-off-by: Adam Dunlap <[email protected]>
Reviewed-by: Tom Lendacky <[email protected]>
Reviewed-by: Gerd Hoffmann <[email protected]>
To unsubscribe from these emails, change your notification settings at
https://github.com/tianocore/edk2/settings/notifications
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
