blob: 3039e991046e072b013f5841a1e547d884dc7f47 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Description: KVM: MMU potential stack buffer overrun during page walks
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1500380
https://www.spinics.net/lists/kvm/msg156651.html
Notes:
carnil> According to Paolo Bonzini, only
carnil> https://www.spinics.net/lists/kvm/msg156650.html
carnil> is needed to fix CVE-2017-12188
carnil> Issue might thus only affect kernels starting from 4.6-rc1
carnil> but I'm not 100% certain on the last claim or if we should
carnil> adress the issue as well for kernels later than 3.12-rc1
bwh> Let's trust Paolo on this
Bugs:
upstream: released (4.14-rc5) [fd19d3b45164466a4adce7cbff448ba9189e1427, 829ee279aed43faa5cb1e4d65c0cad52f2426c53]
4.9-upstream-stable: released (4.9.57) [28955b03fac36829831e185e3ec2793f8eb18689, 3610c4a7838df867d1b9d83a38c87042859ff896]
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.13.4-2) [bugfix/x86/KVM-nVMX-update-last_nonleaf_level-when-initializing.patch, bugfix/x86/KVM-MMU-always-terminate-page-walks-at-level-1.patch]
4.9-stretch-security: released (4.9.65-1)
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
|
