diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-08-12 23:04:17 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-08-12 23:04:17 +0200 |
commit | 3ca9ce371fb88c01c47dd72d1601334fd70a4dca (patch) | |
tree | 3eaf4e40083830485736d0104e73f57b2fbe8556 /dsa-texts/4.9.168-1+deb9u5 | |
parent | fd13fccacac891e2a725a7bf97604e2a20e98566 (diff) |
Add proposed description for XSA-300
Diffstat (limited to 'dsa-texts/4.9.168-1+deb9u5')
-rw-r--r-- | dsa-texts/4.9.168-1+deb9u5 | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/dsa-texts/4.9.168-1+deb9u5 b/dsa-texts/4.9.168-1+deb9u5 index 8fcce229..2b732aa9 100644 --- a/dsa-texts/4.9.168-1+deb9u5 +++ b/dsa-texts/4.9.168-1+deb9u5 @@ -142,6 +142,13 @@ CVE-2019-14284 user-visible IDs, which could make it easier to exploit other security vulnerabilities. +XSA-300 + + Julien Grall reported that Linux does not limit the amount of memory + which a domain will attempt to baloon out, nor limits the amount of + "foreign / grant map" memory which any individual guest can consume, + leading to denial of service conditions (for host or guests). + For the oldstable distribution (stretch), these problems have been fixed in version 4.9.168-1+deb9u5. |