Clarify that CVE-2016-9588 only applies to nested VMX

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5058 e094ebfe-e918-0410-adfb-c712417f3574
author: Ben Hutchings <benh@debian.org> 2017-03-08 14:56:53 +0000
committer: Ben Hutchings <benh@debian.org> 2017-03-08 14:56:53 +0000
commit: b01ca5a4080a821aab4a9a0f53f9f2d054374287 (patch)
tree: 171a160bff27a0e67469823c31c96a0139d61acd /dsa-texts/3.16.39-1+deb8u2
parent: 042f4bc2f12c14a0fe0ac6aa934db55be4086385 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/dsa-texts/3.16.39-1+deb8u2 b/dsa-texts/3.16.39-1+deb8u2
index 7a5ab99a..825b23ee 100644
--- a/dsa-texts/3.16.39-1+deb8u2
+++ b/dsa-texts/3.16.39-1+deb8u2
@@ -9,10 +9,11 @@ impacts.
 
 CVE-2016-9588
 
-    Jim Mattson discovered that the KVM implementation does not properly
-    handle #BP and #OF exceptions. A local attacker in a guest virtual
-    machine can take advantage of this flaw to cause a denial of service
-    (guest OS crash).
+    Jim Mattson discovered that the KVM implementation for Intel x86
+    processors does not properly handle #BP and #OF exceptions in an
+    L2 (nested) virtual machine. A local attacker in an L2 guest VM
+    can take advantage of this flaw to cause a denial of service for
+    the L1 guest VM.
 
 CVE-2017-2636
author	Ben Hutchings <benh@debian.org>	2017-03-08 14:56:53 +0000
committer	Ben Hutchings <benh@debian.org>	2017-03-08 14:56:53 +0000
commit	b01ca5a4080a821aab4a9a0f53f9f2d054374287 (patch)
tree	171a160bff27a0e67469823c31c96a0139d61acd /dsa-texts/3.16.39-1+deb8u2
parent	042f4bc2f12c14a0fe0ac6aa934db55be4086385 (diff)