diff options
author | Ben Hutchings <benh@debian.org> | 2017-02-22 13:49:44 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2017-02-22 13:49:44 +0000 |
commit | c3e786c6508b6b87434b712d3e44ca1a4afab953 (patch) | |
tree | 0860a798f24f9f052744b2b9b8d18dc7d598eb6a /dsa-texts/3.16.39-1+deb8u1 | |
parent | 616076d68bb79629c232cf61fe91170ed59ee292 (diff) |
Add descriptions of KVM issues to DSA text for 3.16.39-1+deb8u1
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4993 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/3.16.39-1+deb8u1')
-rw-r--r-- | dsa-texts/3.16.39-1+deb8u1 | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/dsa-texts/3.16.39-1+deb8u1 b/dsa-texts/3.16.39-1+deb8u1 index fe6970c2b..a6afb7c11 100644 --- a/dsa-texts/3.16.39-1+deb8u1 +++ b/dsa-texts/3.16.39-1+deb8u1 @@ -29,8 +29,25 @@ CVE-2016-9191 escalation. CVE-2017-2583 + + Xiaohan Zhang reported that KVM for amd64 does not correctly + emulate loading of a null stack selector. This can be used by a + user in a guest VM for denial of service (on an Intel CPU) or to + escalate privileges within the VM (on an AMD CPU). + CVE-2017-2584 + + Dmitry Vyukov reported that KVM for x86 does not correctly emulate + memory access by the SGDT and SIDT instructions, which can result + in a use-after-free and information leak. + CVE-2017-2596 + + Dmitry Vyukov reported that KVM leaks page references when + emulating a VMON for a nested hypervisor. This can be used by a + privileged user in a guest VM for denial of service or possibly + to gain privileges in the host. + CVE-2017-2618 It was discovered that an off-by-one in the handling of SELinux |