[SRU][Trusty][PATCH 0/1] Fix for CVE-2016-9588
Kleber Sacilotto de Souza
kleber.souza at canonical.com
Fri Oct 12 11:38:05 UTC 2018
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html
Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
Simple backport needed for context ajustment. Already fixed for Xenial
and later series. Compile tested.
Jim Mattson (1):
kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
arch/x86/kvm/vmx.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
--
2.17.1
More information about the kernel-team
mailing list