[b,c,d] [PATCH 0/1] Fix for CVE-2019-13233

Benjamin M Romer benjamin.romer at canonical.com
Tue Jul 16 17:08:23 UTC 2019

Clean cherry-pick to b/c/d.


In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is 
a use-after-free for access to an LDT entry because of a race condition 
between modify_ldt() and a #BR exception for an MPX bounds violation.

Jann Horn (1):
  x86/insn-eval: Fix use-after-free access to LDT entry

 arch/x86/lib/insn-eval.c | 47 ++++++++++++++++++++--------------------
 1 file changed, 24 insertions(+), 23 deletions(-)


More information about the kernel-team mailing list