summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2017-12188
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2017-12-09 08:52:03 +0000
committerSalvatore Bonaccorso <carnil@debian.org>2017-12-09 08:52:03 +0000
commitf3dd331af9c70c6b5158fc1cd6a0ebc8f14714d3 (patch)
treeedcf14e6de0e9d6e41f5c2a25173cff32a4ec6a3 /retired/CVE-2017-12188
parent8a5e0e12add23e540c83f904ae19ccac1a4116fa (diff)
Retire several CVEs fixed everywhere
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5772 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2017-12188')
-rw-r--r--retired/CVE-2017-1218821
1 files changed, 21 insertions, 0 deletions
diff --git a/retired/CVE-2017-12188 b/retired/CVE-2017-12188
new file mode 100644
index 00000000..3039e991
--- /dev/null
+++ b/retired/CVE-2017-12188
@@ -0,0 +1,21 @@
+Description: KVM: MMU potential stack buffer overrun during page walks
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1500380
+ https://www.spinics.net/lists/kvm/msg156651.html
+Notes:
+ carnil> According to Paolo Bonzini, only
+ carnil> https://www.spinics.net/lists/kvm/msg156650.html
+ carnil> is needed to fix CVE-2017-12188
+ carnil> Issue might thus only affect kernels starting from 4.6-rc1
+ carnil> but I'm not 100% certain on the last claim or if we should
+ carnil> adress the issue as well for kernels later than 3.12-rc1
+ bwh> Let's trust Paolo on this
+Bugs:
+upstream: released (4.14-rc5) [fd19d3b45164466a4adce7cbff448ba9189e1427, 829ee279aed43faa5cb1e4d65c0cad52f2426c53]
+4.9-upstream-stable: released (4.9.57) [28955b03fac36829831e185e3ec2793f8eb18689, 3610c4a7838df867d1b9d83a38c87042859ff896]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-2) [bugfix/x86/KVM-nVMX-update-last_nonleaf_level-when-initializing.patch, bugfix/x86/KVM-MMU-always-terminate-page-walks-at-level-1.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy