ACK: [CVE-2012-4461] kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set

Colin Ian King colin.king at canonical.com
Thu Dec 13 15:34:41 UTC 2012


On 13/12/12 14:32, Luis Henriques wrote:
> On hosts without the XSAVE support unprivileged local user can trigger
> oops by setting X86_CR4_OSXSAVE bit in guest cr4 register using
> KVM_SET_SREGS ioctl and later issuing KVM_RUN ioctl.
>
> Following this email, there's a patch that fixes this issue for Precise
> and Quantal.  This patch is a clean cherry-pick from
> 6d1068b3a98519247d8ba4ec85cd40ac136dbdf9.
>
> There's also another patch that fixes this for Oneiric, a backport of
> the same SHA1.
>
> Cheers,
> --
> Luis
>
Ack for all







More information about the kernel-team mailing list