cve 2024 43819

CVE-2024-43819 is a Linux kernel vulnerability affecting the s390 KVM implementation. It involves a null-pointer dereference that can be triggered when userland memory-region ioctls are used against ucontrol virtual machines. This flaw could lead to a denial-of-service condition on affected hosts. The patch addresses the issue by rejecting KVM_SET_USER_MEMORY_REGION and KVM_SET_USER_MEMORY_REGION2 for ucontrol guests, directing memory management to the s390-specific KVM_S390_UCAS_MAP and KVM_S390_UCAS_UNMAP interfaces. This targeted change prevents the crash path and closes the security hole. The fix is considered small and surgical, focusing on the specific defect without broader kernel changes.