Linux Kernel KVM SEV-ES Intrahost Migration vCPU Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's KVM (Kernel-based Virtual Machine) module for AMD processors has been addressed. During SEV-ES (Secure Encrypted Virtualization-Encrypted State) intrahost migration, the hypervisor incorrectly sourced virtual CPUs (vCPUs) from the destination virtual machine instead of the source. The mistake disrupted the guest virtual machine and also crashed the host system: a critical pointer was left null, which led to a page fault. The vulnerability affects Linux kernel versions through 6.5.0.

Impact

The incorrect handling of vCPU migration can cause the guest virtual machine to malfunction and the host system to crash.

Reproduction

To reproduce this vulnerability, initiate an intrahost migration of a SEV-ES virtual machine within KVM on an AMD processor. The hypervisor will mistakenly retrieve vCPUs from the destination VM, causing the guest to hang and the host to crash due to a null pointer error.

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.
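
To decide which hosts need the upgrade first, the following triage script is an added example, not part of the original advisory or of the kernel project. It flags a host when SEV-ES is enabled in kvm_amd and the running kernel is at or below the advisory's 6.5.0 bound. The function names are hypothetical, and the sysfs path of the kvm_amd `sev_es` module parameter is an assumption about the host.

```sh
#!/bin/sh
# Added example: host triage for the SEV-ES intrahost migration bug.
# AFFECTED_MAX is the advisory's bound ("through 6.5.0"). Distributions
# backport fixes, so a match means "check the vendor changelog".
AFFECTED_MAX="6.5.0"

# Returns 0 if release $1 (e.g. "6.2.0-39-generic") is <= AFFECTED_MAX,
# 1 if it is newer, 2 if the version cannot be parsed.
kernel_in_affected_range() {
    ver=${1%%[-+_]*}                      # strip the distro suffix
    old_ifs=$IFS; IFS=.
    set -- $ver;          maj=$1 min=${2:-0} pat=${3:-0}
    set -- $AFFECTED_MAX; xmaj=$1 xmin=$2 xpat=$3
    IFS=$old_ifs
    for n in "$maj" "$min" "$pat"; do
        case $n in ''|*[!0-9]*) return 2 ;; esac
    done
    if [ "$maj" -ne "$xmaj" ]; then [ "$maj" -lt "$xmaj" ]; return; fi
    if [ "$min" -ne "$xmin" ]; then [ "$min" -lt "$xmin" ]; return; fi
    [ "$pat" -le "$xpat" ]
}

# Succeeds when the kvm_amd "sev_es" parameter file $1 reads as enabled.
# A missing file (module not loaded, non-AMD host) counts as disabled.
sev_es_enabled() {
    [ -r "$1" ] || return 1
    case $(cat "$1") in Y|y|1) return 0 ;; *) return 1 ;; esac
}

# Prints one verdict line for kernel release $1 and parameter file $2.
assess_host() {
    if ! sev_es_enabled "$2"; then
        echo "not-applicable: SEV-ES is not enabled in kvm_amd"; return 0
    fi
    rc=0; kernel_in_affected_range "$1" || rc=$?
    case "$rc" in
        0) echo "review: SEV-ES enabled on kernel $1 (<= $AFFECTED_MAX)" ;;
        1) echo "ok: kernel $1 is newer than $AFFECTED_MAX" ;;
        *) echo "unknown: cannot parse kernel release '$1'" ;;
    esac
}

# Assumed sysfs location of the parameter on the host being checked.
assess_host "$(uname -r)" /sys/module/kvm_amd/parameters/sev_es
```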

Added: Dec 30, 2025, 2:16 PM
Updated: Dec 30, 2025, 2:16 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.8
remediation: 7.7
relevance: 1.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.