path: root/retired/CVE-2020-36313

Description: KVM: Fix out of range accesses to memslots
References:
Notes:
 bwh> The upstream commit claims to fix a commit that also landed in
 bwh> 5.7-rc1.  So were there really any vulnerable versions?
 carnil> IMHO correct, and no released version ever affected only
 carnil> versions between 36947254e5f9 ("KVM: Dynamically size memslot
 carnil> array based on number of used slots") and 0774a964ef56 ("KVM:
 carnil> Fix out of range accesses to memslots").
Bugs:
upstream: released (5.7-rc1) [0774a964ef561b7170d8d1b1bfe6f88002b6d219]
5.10-upstream-stable: N/A "Fixed before branching point"
4.19-upstream-stable: N/A "Vulnerable code never alone in a released version"
4.9-upstream-stable: N/A "Vulnerable code never alone in a released version"
sid: N/A "Vulnerable code never alone in a released version"
4.19-buster-security: N/A "Vulnerable code never alone in a released version"
4.9-stretch-security: N/A "Vulnerable code never alone in a released version"