Description: information leak within a KVM guest
References:
 https://www.openwall.com/lists/oss-security/2020/01/30/4
Notes:
 carnil> Issue present since 0b9f6c4615c99 ("x86/kvm: Support the vCPU
 carnil> preemption check") in 4.10-rc1. But might need double-check.
 carnil> Fixed as well in 5.4.19. For 4.19.103 only one commit was
 carnil> backported, is this already sufficient?
 bwh> I think it was introduced by 858a43aae236 ("KVM: X86: use
 bwh> paravirtualized TLB Shootdown", as that introduced the second
 bwh> flag in kvm_steal_time::preempted which is being cleared.
 bwh> I believe the additional fixes *are* needed for 4.19.
Bugs:
upstream: released (5.6-rc1) [8c6de56a42e0c657955e12b882a81ef07d1d073e, 1eff70a9abd46f175defafd29bc17ad456f398a7, 917248144db5d7320655dbb41d3af0b8a0f3d589, b043138246a41064527cf019a3d51d9f015e9796, a6bd811f1209fe1c64c9f6fd578101d6436c6b6e]
4.19-upstream-stable: released (4.19.103) [68460ceba319a46ea14b36129bfd0a152e0f00c3]
4.9-upstream-stable: N/A "Vulnerability introduced later"
3.16-upstream-stable: N/A "Vulnerability introduced later"
sid: released (5.4.19-1)
4.19-buster-security: needed
4.9-stretch-security: N/A "Vulnerability introduced later"
3.16-jessie-security: N/A "Vulnerability introduced later"