NACK: [Zesty][PATCH 0/1] CVE-2017-17741
Stefan Bader
stefan.bader at canonical.com
Tue Jan 23 13:54:32 UTC 2018
On 04.01.2018 07:58, Khalid Elmously wrote:
> CVE-2017-17741
>
>
> The KVM implementation in the Linux kernel through 4.14.7 allows attackers
> to cause a denial of service (write_mmio stack-based out-of-bounds read) or
> possibly have unspecified other impact, related to arch/x86/kvm/x86.c and
> include/trace/events/kvm.h.
>
> This was backported from upstream e39d200fa5bf5b94a0948db0dae44c1b73b84a56 with very minor changes - however different patches are needed for Trusty/Xenial/Artful so they will be in a different email thread.
>
>
> Wanpeng Li (1):
> KVM: Fix stack-out-of-bounds read in write_mmio
>
> arch/arm/kvm/mmio.c | 6 +++---
> arch/x86/kvm/x86.c | 8 ++++----
> include/trace/events/kvm.h | 7 +++++--
> 3 files changed, 12 insertions(+), 9 deletions(-)
>
Zesty is EOL
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180123/d5292729/attachment.sig>
More information about the kernel-team
mailing list