retire more issues

author: Moritz Muehlenhoff <jmm@debian.org> 2018-10-10 16:08:10 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2018-10-10 16:08:10 +0200
commit: e58840f1b07272348f16568187550f5c219ee2eb (patch)
tree: b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-14678
parent: 57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2018-14678 b/retired/CVE-2018-14678
new file mode 100644
index 00000000..1be10453
--- /dev/null
+++ b/retired/CVE-2018-14678
@@ -0,0 +1,18 @@
+Description: XSA-274: Uninitialized state in PV syscall return path
+References:
+ https://xenbits.xen.org/xsa/advisory-274.html
+Notes:
+ carnil> Fixes 3ac6d8c787b8 ("x86/entry/64: Clear registers for
+ carnil> exceptions/interrupts, to reduce speculation attack surface")
+ carnil> which was cc'ed to stable@vger.kernel.org.
+ carnil> Seems to have been applied to 4.14+
+ carnil> But according to Andy Lutomirski malicious userspace could
+ canril> possibly use the respective fixed bug to crash the kernel
+ carnil> even withouth the offending patch (3ac6d8c787b8) applied.
+Bugs:
+upstream: released (4.18-rc8) [b3681dd548d06deb2e1573890829dff4b15abf46]
+4.9-upstream-stable: released (4.9.124) [987156381c5f875d75ef1f7cc29994d82f646dad]
+3.16-upstream-stable: released (3.16.58) [x86-entry-64-remove-ebx-handling-from-error_entry-exit.patch]
+sid: released (4.17.14-1)
+4.9-stretch-security: released (4.9.110-3+deb9u5) [bugfix/x86/x86-entry-64-Remove-ebx-handling-from-error_entry-ex.patch]
+3.16-jessie-security: released (3.16.59-1)
author	Moritz Muehlenhoff <jmm@debian.org>	2018-10-10 16:08:10 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2018-10-10 16:08:10 +0200
commit	e58840f1b07272348f16568187550f5c219ee2eb (patch)
tree	b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-14678
parent	57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff)