[b,c,d] [PATCH 0/1] Fix for CVE-2019-13233
Benjamin M Romer
benjamin.romer at canonical.com
Tue Jul 16 17:08:23 UTC 2019
Clean cherry-pick to b/c/d.
CVE-2019-13233:
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is
a use-after-free for access to an LDT entry because of a race condition
between modify_ldt() and a #BR exception for an MPX bounds violation.
Jann Horn (1):
x86/insn-eval: Fix use-after-free access to LDT entry
arch/x86/lib/insn-eval.c | 47 ++++++++++++++++++++--------------------
1 file changed, 24 insertions(+), 23 deletions(-)
--
2.20.1
More information about the kernel-team
mailing list