From 4e3c6e2b3a5ab55c3efa003df1c29308c446f21f Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 6 Apr 2020 21:37:14 +0200
Subject: Add CVE-2020-8834

---
 active/CVE-2020-8834 | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 active/CVE-2020-8834

diff --git a/active/CVE-2020-8834 b/active/CVE-2020-8834
new file mode 100644
index 00000000..88266bcd
--- /dev/null
+++ b/active/CVE-2020-8834
@@ -0,0 +1,18 @@
+Description: Linux kernel Power8 conflicting use of HSTATE_HOST_R1 vulnerability
+References:
+ https://www.openwall.com/lists/oss-security/2020/04/06/2
+ https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1867717
+Notes:
+ carnil> Introduced by f024ee098476 ("KVM: PPC: Book3S HV: Pull out TM
+ carnil> state save/restore into separate procedures") in 4.8-rc1 and
+ carnil> 87a11bb6a7f7 ("KVM: PPC: Book3S HV: Work around XER[SO] bug in
+ carnil> fake suspend mode") in 4.17-rc1.
+Bugs:
+upstream: released (4.18-rc1) [6f597c6b63b6f3675914b5ec8fcd008a58678650, 7b0e827c6970e8ca77c60ae87592204c39e41245, 009c872a8bc4d38f487a9bd62423d019e4322517]
+4.19-upstream-stable: N/A "Fixed before branching point"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.18.6-1)
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3