{"id":"CVE-2024-55881","summary":"KVM: x86: Play nice with protected guests in complete_hypercall_exit()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall.  For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n  ------------[ cut here ]------------\n  WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n  Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n  CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n  Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n  RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n  Call Trace:\n   \u003cTASK\u003e\n   kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n   kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n   __se_sys_ioctl+0x6b/0xc0\n   do_syscall_64+0x83/0x160\n   entry_SYSCALL_64_after_hwframe+0x76/0x7e\n   \u003c/TASK\u003e\n  ---[ end trace 0000000000000000 ]---","modified":"2026-04-02T12:24:16.710489Z","published":"2025-01-11T12:35:44.019Z","related":["MGASA-2025-0030","MGASA-2025-0032","SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/55xxx/CVE-2024-55881.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0840d360a8909c722fb62459f42836afe32ededb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/22b5c2acd65dbe949032f619d4758a35a82fffc3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7ed4db315094963de0678a8adfd43c46471b9349"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/55xxx/CVE-2024-55881.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-55881"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5969e2435cbd7f0ce8c28d717bfc39987ee8d8f1"},{"fixed":"0840d360a8909c722fb62459f42836afe32ededb"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b5aead0064f33ae5e693a364e3204fe1c0ac9af2"},{"fixed":"7ed4db315094963de0678a8adfd43c46471b9349"},{"fixed":"3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6"},{"fixed":"22b5c2acd65dbe949032f619d4758a35a82fffc3"},{"fixed":"9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-55881.json"}}],"schema_version":"1.7.5"}