DEBIAN-CVE-2022-48765
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-48765
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-48765.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-48765
- Upstream
- Published
- 2024-06-20T12:15:14Z
- Modified
- 2025-09-19T06:17:14Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: KVM: LAPIC: Also cancel preemption timer during SETLAPIC The below warning is splatting during guest reboot. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 1931 at arch/x86/kvm/x86.c:10322 kvmarchvcpuioctlrun+0x874/0x880 [kvm] CPU: 0 PID: 1931 Comm: qemu-system-x86 Tainted: G I 5.17.0-rc1+ #5 RIP: 0010:kvmarchvcpuioctlrun+0x874/0x880 [kvm] Call Trace: <TASK> kvmvcpuioctl+0x279/0x710 [kvm] _x64sysioctl+0x83/0xb0 dosyscall64+0x3b/0xc0 entrySYSCALL64afterhwframe+0x44/0xae RIP: 0033:0x7fd39797350b This can be triggered by not exposing tsc-deadline mode and doing a reboot in the guest. The lapicshutdown() function which is called in sysreboot path will not disarm the flying timer, it just masks LVTT. lapicshutdown() clears APIC state w/ LVTMASKED and timer-mode bit is 0, this can trigger timer-mode switch between tsc-deadline and oneshot/periodic, which can result in preemption timer be cancelled in apicupdatelvtt(). However, We can't depend on this when not exposing tsc-deadline mode and oneshot/periodic modes emulated by preemption timer. Qemu will synchronise states around reset, let's cancel preemption timer under KVMSETLAPIC.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source