{"id":"CVE-2024-55881","summary":"KVM: x86: Play nice with protected guests in complete_hypercall_exit()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Play nice with protected guests in complete_hypercall_exit()\n\nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit\nhypercall when completing said hypercall.  For guests with protected state,\ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit\nmode as the vCPU state needed to detect 64-bit mode is unavailable.\n\nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE\nhypercall via VMGEXIT trips the WARN:\n\n  ------------[ cut here ]------------\n  WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm]\n  Modules linked in: kvm_amd kvm ... [last unloaded: kvm]\n  CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470\n  Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024\n  RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm]\n  Call Trace:\n   \u003cTASK\u003e\n   kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm]\n   kvm_vcpu_ioctl+0x54f/0x630 [kvm]\n   __se_sys_ioctl+0x6b/0xc0\n   do_syscall_64+0x83/0x160\n   entry_SYSCALL_64_after_hwframe+0x76/0x7e\n   \u003c/TASK\u003e\n  ---[ end trace 0000000000000000 ]---","modified":"2026-05-18T05:57:59.565957327Z","published":"2025-01-11T12:35:44.019Z","related":["SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/55xxx/CVE-2024-55881.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0840d360a8909c722fb62459f42836afe32ededb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/22b5c2acd65dbe949032f619d4758a35a82fffc3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7ed4db315094963de0678a8adfd43c46471b9349"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/55xxx/CVE-2024-55881.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-55881"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5969e2435cbd7f0ce8c28d717bfc39987ee8d8f1"},{"fixed":"0840d360a8909c722fb62459f42836afe32ededb"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b5aead0064f33ae5e693a364e3204fe1c0ac9af2"},{"fixed":"7ed4db315094963de0678a8adfd43c46471b9349"},{"fixed":"3d2634ec0d1dbe8f4b511cf5261f327c6a76f4b6"},{"fixed":"22b5c2acd65dbe949032f619d4758a35a82fffc3"},{"fixed":"9b42d1e8e4fe9dc631162c04caa69b0d1860b0f0"}]}],"versions":["v5.15.175","v5.15.174","v5.15.173","v5.15.172","v5.15.171","v5.15.170","v5.15.169","v5.15.168","v5.15.167","v5.15.166","v5.15.165","v5.15.164","v5.15.163","v5.15.162","v5.15.161","v5.15.160","v5.15.159","v5.15.158","v5.15.157","v5.15.156","v5.15.155","v5.15.154","v5.15.153","v5.15.152","v5.15.151","v5.15.150","v5.15.149","v5.15.148","v5.15.147","v5.15.146","v5.15.145","v5.15.144","v5.15.143","v5.15.142","v5.15.141","v5.15.140","v5.15.139","v5.15.138","v5.15.137","v5.15.136","v5.15.135","v5.15.134","v5.15.133","v5.15.132","v5.15.131","v5.15.130","v5.15.129","v5.15.128","v5.15.127","v5.15.126","v5.15.125","v5.15.124","v5.15.123","v5.15.122","v5.15.121","v5.15.120","v5.15.119","v5.15.118","v5.15.117","v5.15.116","v5.15.115","v5.15.114","v5.15.113","v5.15.112","v5.15.111","v5.15.110","v5.15.109","v5.15.108","v5.15.107","v5.15.106","v5.15.105","v5.15.104","v5.15.103","v5.15.102","v5.15.101","v5.15.100","v5.15.99","v5.15.98","v5.15.97","v5.15.96","v5.15.95","v5.15.94","v5.15.93","v5.15.92","v5.15.91","v5.15.90","v5.15.89","v5.15.88","v5.15.87","v5.15.86","v5.15.85","v5.15.84","v5.15.83","v5.15.82","v5.15.81","v5.15.80","v5.15.79","v5.15.78","v5.15.77","v5.15.76","v5.15.75","v5.15.74","v5.15.73","v5.15.72","v5.15.71","v5.15.70","v5.15.69","v5.15.68","v5.15.67","v5.15.66","v5.15.65","v5.15.64","v5.15.63","v5.15.62","v5.15.61","v5.15.60","v5.15.59","v5.15.58","v5.15.57","v5.15.56","v5.15.55","v5.15.54","v5.15.53","v5.15.52","v5.15.51","v5.15.50","v5.15.49","v5.15.48","v5.15.47","v5.15.46","v5.15.45","v5.15.44","v5.15.43","v5.15.42","v5.15.41","v5.15.40","v5.15.39","v5.15.38","v5.15.37","v5.15.36","v5.15.35","v5.15.34","v5.15.33","v5.15.32","v5.15.31","v5.15.30","v5.15.29","v5.15.28","v5.15.27","v5.15.26","v5.15.25","v5.15.24","v5.15.23","v5.15.22","v5.15.21","v5.15.20","v5.15.19","v5.15.18","v5.15.17","v5.15.16","v5.15.15","v5.15.14","v5.15.13","v5.15.12","v5.15.11","v5.15.10","v5.15.9","v5.15.8","v5.15.7","v5.15.6","v5.15.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-55881.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.176"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.122"},{"fixed":"6.6.68"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.12.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-55881.json"}}],"schema_version":"1.7.5"}