CVE-2024-26814

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> vfio/fsl-mc: Block calling interrupt handler without trigger<br /> <br /> The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is<br /> initially NULL and may become NULL if the user sets the trigger<br /> eventfd to -1. The interrupt handler itself is guaranteed that<br /> trigger is always valid between request_irq() and free_irq(), but<br /> the loopback testing mechanisms to invoke the handler function<br /> need to test the trigger. The triggering and setting ioctl paths<br /> both make use of igate and are therefore mutually exclusive.<br /> <br /> The vfio-fsl-mc driver does not make use of irqfds, nor does it<br /> support any sort of masking operations, therefore unlike vfio-pci<br /> and vfio-platform, the flow can remain essentially unchanged.