Retire CVE-2016-4440

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4422 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2016-05-30 05:08:50 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2016-05-30 05:08:50 +0000
commit: 08e581f4594ed7eb4ad77bff31321c6b33097749 (patch)
tree: b8363a32909bb8f0d9fb2c62cb0e4932bd69a091 /retired/CVE-2016-4440
parent: f979d826fd47c98e71da256316b298993d72817a (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2016-4440 b/retired/CVE-2016-4440
new file mode 100644
index 00000000..3f80bced
--- /dev/null
+++ b/retired/CVE-2016-4440
@@ -0,0 +1,16 @@
+Description: kvm: vmx: incorrect state update leading to MSR access
+References:
+ http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/152191
+ http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
+Notes:
+ bwh> Based on the discussion, this appears to have been introduced in 4.5 by
+ bwh> commits d62caabb41f33d96333f9ef15e09cd26e1c12760 and
+ bwh> 5c919412fe61c35947816fdbd5f7bd09fe0dd073
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1337806
+upstream: released (4.7-rc1) [3ce424e45411cf5a13105e0386b6ecf6eeb4f66f]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.5.5-1) [bugfix/x86/kvm-vmx-more-complete-state-update-on-apicv-on-off.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2016-05-30 05:08:50 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2016-05-30 05:08:50 +0000
commit	08e581f4594ed7eb4ad77bff31321c6b33097749 (patch)
tree	b8363a32909bb8f0d9fb2c62cb0e4932bd69a091 /retired/CVE-2016-4440
parent	f979d826fd47c98e71da256316b298993d72817a (diff)