mbox series

[SRU,Trusty,0/1] Fix for CVE-2016-9588

Message ID 20181012113806.7483-1-kleber.souza@canonical.com
Headers show
Series Fix for CVE-2016-9588 | expand

Message

Kleber Sacilotto de Souza Oct. 12, 2018, 11:38 a.m. UTC 
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html

  Jim Mattson discovered that the KVM implementation in the Linux kernel
  mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
  machine could use this to cause a denial of service (guest OS crash).

Simple backport needed for context ajustment. Already fixed for Xenial
and later series. Compile tested.

Jim Mattson (1):
  kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)

 arch/x86/kvm/vmx.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

Comments

Khalid Elmously Oct. 12, 2018, 12:10 p.m. UTC | #1 
On 2018-10-12 13:38:05 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html
> 
>   Jim Mattson discovered that the KVM implementation in the Linux kernel
>   mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
>   machine could use this to cause a denial of service (guest OS crash).
> 
> Simple backport needed for context ajustment. Already fixed for Xenial
> and later series. Compile tested.
> 
> Jim Mattson (1):
>   kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
> 
>  arch/x86/kvm/vmx.c | 11 +++++------
>  1 file changed, 5 insertions(+), 6 deletions(-)
>

Acked-by: Khalid Elmously <khalid.elmously@canonical.com>
Khalid Elmously Oct. 14, 2018, 4:46 p.m. UTC | #2 
On 2018-10-12 13:38:05 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html
> 
>   Jim Mattson discovered that the KVM implementation in the Linux kernel
>   mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
>   machine could use this to cause a denial of service (guest OS crash).
> 
> Simple backport needed for context ajustment. Already fixed for Xenial
> and later series. Compile tested.
> 
> Jim Mattson (1):
>   kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
> 
>  arch/x86/kvm/vmx.c | 11 +++++------
>  1 file changed, 5 insertions(+), 6 deletions(-)
> 

Acked-by: Khalid Elmously <khalid.elmously@canonical.com>
Khalid Elmously Oct. 22, 2018, 7:25 a.m. UTC | #3 
On 2018-10-12 13:38:05 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html
> 
>   Jim Mattson discovered that the KVM implementation in the Linux kernel
>   mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
>   machine could use this to cause a denial of service (guest OS crash).
> 
> Simple backport needed for context ajustment. Already fixed for Xenial
> and later series. Compile tested.
> 
> Jim Mattson (1):
>   kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
> 
>  arch/x86/kvm/vmx.c | 11 +++++------
>  1 file changed, 5 insertions(+), 6 deletions(-)
> 
> -- 
> 2.17.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team