ACK: [SRU][Trusty][PATCH 0/1] Fix for CVE-2016-9588
Khaled Elmously
khalid.elmously at canonical.com
Fri Oct 12 12:10:06 UTC 2018
On 2018-10-12 13:38:05 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html
>
> Jim Mattson discovered that the KVM implementation in the Linux kernel
> mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
> machine could use this to cause a denial of service (guest OS crash).
>
> Simple backport needed for context ajustment. Already fixed for Xenial
> and later series. Compile tested.
>
> Jim Mattson (1):
> kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
>
> arch/x86/kvm/vmx.c | 11 +++++------
> 1 file changed, 5 insertions(+), 6 deletions(-)
>
Acked-by: Khalid Elmously <khalid.elmously at canonical.com>
More information about the kernel-team
mailing list