CVE-2020-12888

Отчет

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. This issue affects the versions of the kernel package as shipped with Red Hat Enterprise Linux 7 and 8. Future kernel updates for Red Hat Enterprise Linux 7 and 8 may address this issue. A regression of CVE-2020-12888 has been reintroduced in RHEL 9.4–9.6 due to the backport of the fork: defer linking file vma patch (related to CVE-2024-27022). This flaw allows a privileged VFIO userspace process to retain stale MMIO mappings after a fork(), leading to host crashes if the child process accesses the device after MMIO has been disabled. While the bug was transient in upstream (v6.9 only), it remains present in multiple RHEL9 releases. Only users with high privileges and access to a VFIO-assigned device can exploit this, and no impact is observed in standard QEMU or DPDK configurations. Regarding this regression, the status of RHEL-9 fixes (fixed for 9.7 and 9.6 for the 21 Jul 2025 and pending for 9.4): RHEL-9.7: RHEL-73613 (kernel-5.14.0-578.el9) RHEL-9.6.z: RHEL-85623 (kernel-5.14.0-570.26.1.el9_6) RHEL-9.5.z: N/A RHEL-9.4.z: RHEL-85621 (under development) The 9.7 and 9.6.z fixes backport the upstream solution while the 9.4.z fix is pursuing a RHEL specific fix to reduce the scope and risk. RHEL-10 is not affected, because branched at 6.12.