summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2018-14678
blob: 1be10453bc66f88a3ed57d13d290e8ae0d58c15c (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Description: XSA-274: Uninitialized state in PV syscall return path
References:
 https://xenbits.xen.org/xsa/advisory-274.html
Notes:
 carnil> Fixes 3ac6d8c787b8 ("x86/entry/64: Clear registers for
 carnil> exceptions/interrupts, to reduce speculation attack surface")
 carnil> which was cc'ed to stable@vger.kernel.org.
 carnil> Seems to have been applied to 4.14+
 carnil> But according to Andy Lutomirski malicious userspace could
 canril> possibly use the respective fixed bug to crash the kernel
 carnil> even withouth the offending patch (3ac6d8c787b8) applied.
Bugs:
upstream: released (4.18-rc8) [b3681dd548d06deb2e1573890829dff4b15abf46]
4.9-upstream-stable: released (4.9.124) [987156381c5f875d75ef1f7cc29994d82f646dad]
3.16-upstream-stable: released (3.16.58) [x86-entry-64-remove-ebx-handling-from-error_entry-exit.patch]
sid: released (4.17.14-1)
4.9-stretch-security: released (4.9.110-3+deb9u5) [bugfix/x86/x86-entry-64-Remove-ebx-handling-from-error_entry-ex.patch]
3.16-jessie-security: released (3.16.59-1)

© 2014-2024 Faster IT GmbH | imprint | privacy policy