[PATCH 0/1] [B] CVE-2018-14678 - uninitialized memory usage
Aaron Ma
aaron.ma at canonical.com
Mon Feb 18 15:17:41 UTC 2019
Add Bionic in Subject.
Sorry for typo.
Aaron
On 2/18/19 4:08 PM, Aaron Ma wrote:
> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14678.html
>
> An issue was discovered in the Linux kernel through 4.17.11, as used in
> Xen
> through 4.11.x. The xen_failsafe_callback entry point in
> arch/x86/entry/entry_64.S does not properly maintain RBX, which allows
> local users to cause a denial of service (uninitialized memory usage and
> system crash). Within Xen, 64-bit x86 PV Linux guest OS users can
> trigger a
> guest OS crash or possibly gain privileges.
>
> This is a clean cherry pick to Bionic.
> Build logs are clean.
> I've smoke tested this change by booting a Bionic kernel
> with this commit applied.
>
> Andy Lutomirski (1):
> x86/entry/64: Remove %ebx handling from error_entry/exit
>
> arch/x86/entry/entry_64.S | 18 ++++--------------
> 1 file changed, 4 insertions(+), 14 deletions(-)
>
> -- 2.17.1
> -- kernel-team mailing list kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
More information about the kernel-team
mailing list