)]}'
{
  "commit": "46fb160ebf1736bf65acf4d5cd6a12de06384337",
  "tree": "ba07f314228bca57cf608833984a285bda5b52db",
  "parents": [
    "f6817273147c1f0184364f3966120eba5277693f"
  ],
  "author": {
    "name": "Joerg Roedel",
    "email": "jroedel@suse.de",
    "time": "Mon Oct 16 14:42:50 2023 +0200"
  },
  "committer": {
    "name": "He Gao",
    "email": "hegao@google.com",
    "time": "Fri Nov 10 21:20:06 2023 +0000"
  },
  "message": "x86/sev: Check for user-space IOIO pointing to kernel space\n\nUpstream commit: 63e44bc52047f182601e7817da969a105aa1f721\n\nCheck the memory operand of INS/OUTS before emulating the instruction.\nThe #VC exception can get raised from user-space, but the memory operand\ncan be manipulated to access kernel memory before the emulation actually\nbegins and after the exception handler has run.\n\n  [ bp: Massage commit message. ]\n\nCherry-pick to release branch to fix CVE-2023-46813.\n\nBUG\u003db/309761931\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixed CVE-2023-46813 in the Linux kernel.\n\nFixes: 597cfe48212a (\"x86/boot/compressed/64: Setup a GHCB-based VC Exception handler\")\nReported-by: Tom Dohrmann \u003cerbse.13@gmx.de\u003e\nChange-Id: I60ed44faf0d924d8749a4d2e1f985921553873bd\nSigned-off-by: Joerg Roedel \u003cjroedel@suse.de\u003e\nSigned-off-by: Borislav Petkov (AMD) \u003cbp@alien8.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/61014\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Anil Altinay \u003caaltinay@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "cd89c6cd1bc213b0c916eaec8dfcddc20259208d",
      "old_mode": 33188,
      "old_path": "arch/x86/boot/compressed/sev.c",
      "new_id": "1b1b5542c77802df99b9e78a105d7fb0a583458d",
      "new_mode": 33188,
      "new_path": "arch/x86/boot/compressed/sev.c"
    },
    {
      "type": "modify",
      "old_id": "9c1c865a591563145218cf3a941c6b3c34b98c14",
      "old_mode": 33188,
      "old_path": "arch/x86/kernel/sev-shared.c",
      "new_id": "bd40faeb50e07e3b0e7311b8ac97d4a4419a5c2e",
      "new_mode": 33188,
      "new_path": "arch/x86/kernel/sev-shared.c"
    }
  ]
}