CVE-2024-35801

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 17/05/2024
Last modified: 19/09/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD

Commit 672365477ae8 ("x86/fpu: Update XFD state where required") and commit 8bf26758ca96 ("x86/fpu: Add XFD state to fpstate") introduced a per CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in order to avoid unnecessary writes to the MSR.

On CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which wipes out any stale state. But the per CPU cached xfd value is not reset, which brings them out of sync.

As a consequence a subsequent xfd_update_state() might fail to update the MSR which in turn can result in XRSTOR raising a #NM in kernel space, which crashes the kernel.

To fix this, introduce xfd_set_state() to write xfd_state together with MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD.
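The desync described above, as a user-space C model added here for illustration; it is not the kernel's code. Only the names xfd_state, xfd_set_state() and xfd_update_state() come from the description; struct cpu_model, cpu_online(), msr_in_sync_after_hotplug() and the INIT_XFD and task_xfd values are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define INIT_XFD 0x40000ULL /* constructed stand-in for init_fpstate.xfd */
struct cpu_model {          /* hypothetical user-space model, no real MSR access */
    uint64_t msr_xfd;       /* models MSR_IA32_XFD */
    uint64_t xfd_state;     /* models the per-CPU cached copy */
};

/* The fix: cache and MSR are only ever written together. */
static void xfd_set_state(struct cpu_model *c, uint64_t xfd)
{
    c->msr_xfd = xfd;
    c->xfd_state = xfd;
}

/* Write avoidance: skip the MSR write when the cache already matches. */
static void xfd_update_state(struct cpu_model *c, uint64_t xfd)
{
    if (c->xfd_state != xfd)
        xfd_set_state(c, xfd);
}

/* Hotplug (hypothetical helper): the MSR is reset to the init value. */
static void cpu_online(struct cpu_model *c, bool fixed)
{
    if (fixed)
        xfd_set_state(c, INIT_XFD);
    else
        c->msr_xfd = INIT_XFD; /* pre-fix: cached copy left stale */
}

/* True if the MSR holds the task's value after hotplug plus update. */
static bool msr_in_sync_after_hotplug(bool fixed)
{
    struct cpu_model c;
    uint64_t task_xfd = 0;          /* constructed: task needs XFD cleared */
    xfd_set_state(&c, INIT_XFD);
    xfd_update_state(&c, task_xfd); /* MSR = 0, cache = 0 */
    cpu_online(&c, fixed);          /* MSR = INIT_XFD */
    xfd_update_state(&c, task_xfd); /* pre-fix: skipped, cache still 0 */
    return c.msr_xfd == task_xfd;
}

int main(void)
{
    printf("pre-fix: %d, fixed: %d\n", msr_in_sync_after_hotplug(false), msr_in_sync_after_hotplug(true));
    return 0;
}
```

In the pre-fix path the second xfd_update_state() call is skipped because the stale cache already matches the requested value, which is the condition the description ties to XRSTOR raising #NM.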

Vulnerable products and versions

CPE                                              From              Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     5.16 (including)  6.1.84 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     6.2 (including)   6.6.24 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     6.7 (including)   6.7.12 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*     6.8 (including)   6.8.3 (excluding)