[Zesty][PATCH 0/1] CVE-2017-17741

Khalid Elmously khalid.elmously at canonical.com
Thu Jan 4 06:58:36 UTC 2018


CVE-2017-17741


The KVM implementation in the Linux kernel through 4.14.7 allows attackers
to cause a denial of service (write_mmio stack-based out-of-bounds read) or
possibly have unspecified other impact, related to arch/x86/kvm/x86.c and
include/trace/events/kvm.h.

This was backported from upstream e39d200fa5bf5b94a0948db0dae44c1b73b84a56 with very minor changes - however different patches are needed for Trusty/Xenial/Artful so they will be in a different email thread.


Wanpeng Li  (1):
  KVM: Fix stack-out-of-bounds read in write_mmio

 arch/arm/kvm/mmio.c        | 6 +++---
 arch/x86/kvm/x86.c         | 8 ++++----
 include/trace/events/kvm.h | 7 +++++--
 3 files changed, 12 insertions(+), 9 deletions(-)

-- 
2.14.1





More information about the kernel-team mailing list