[SRU][Trusty][PATCH 0/1] Fix for CVE-2016-9588

Kleber Sacilotto de Souza kleber.souza at canonical.com
Fri Oct 12 11:38:05 UTC 2018


https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html

  Jim Mattson discovered that the KVM implementation in the Linux kernel
  mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
  machine could use this to cause a denial of service (guest OS crash).

Simple backport needed for context ajustment. Already fixed for Xenial
and later series. Compile tested.

Jim Mattson (1):
  kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)

 arch/x86/kvm/vmx.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

-- 
2.17.1





More information about the kernel-team mailing list