CVE-2020-2732

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Thu Feb 27 18:51:14 UTC 2020


These are backports of the fixes to CVE-2020-2732. They affect X86 hosts. A
nested guest (L2) may execute disallowed code, leading to access to L1
resources.

I used the backport from 4.4.y, which includes "emulate RDPID" as a pre-req, so
we diverge as little as possible from stable upstream.

I did the same for Bionic 4.15, using the backports from 4.14.y.

D/E/F have been build-tested; Ben Romer did some nested guest smoke testing
with the Bionic patches, although with a version without the pre-req.

Xenial is build testing right now. More tests are in development.




