ACK: [CVE-2015-8104] KVM: svm: unconditionally intercept #DB
Stefan Bader
stefan.bader at canonical.com
Thu Nov 26 14:01:47 UTC 2015
On 26.11.2015 13:09, Luis Henriques wrote:
> Description:
> The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through
> 4.6.x, allows guest OS users to cause a denial of service (host OS panic or
> hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
>
> BugLink: https://bugs.launchpad.net/bugs/1520184
>
> Following this email, I am sending the patches to fix CVE-2015-8104 in
> Precise, Trusty, LTS-Utopic, Vivid and Wily.
>
> Please note that the Precise backport was picked from Ben Hutching's
> 3.2.74-rc1 (currently under reviewed), which has received feedback from
> the original author of the patch (Paolo Bonzini).
>
As far as I can see the backports follow the upstream change (with explanations
in mind).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20151126/e11892dc/attachment.sig>
More information about the kernel-team
mailing list