ACK: [SRU][Trusty][PATCH 0/1] Fix for CVE-2016-9588

Khaled Elmously khalid.elmously at canonical.com
Sun Oct 14 16:46:24 UTC 2018


On 2018-10-12 13:38:05 , Kleber Souza wrote:
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9588.html
> 
>   Jim Mattson discovered that the KVM implementation in the Linux kernel
>   mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
>   machine could use this to cause a denial of service (guest OS crash).
> 
> Simple backport needed for context ajustment. Already fixed for Xenial
> and later series. Compile tested.
> 
> Jim Mattson (1):
>   kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
> 
>  arch/x86/kvm/vmx.c | 11 +++++------
>  1 file changed, 5 insertions(+), 6 deletions(-)
> 

Acked-by: Khalid Elmously <khalid.elmously at canonical.com>





More information about the kernel-team mailing list