This is a note to let you know that I've just added the patch titled KVM: x86: Fix of previously incomplete fix for CVE-2014-8480 to the 3.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: kvm-x86-fix-of-previously-incomplete-fix-for-cve-2014-8480.patch and it can be found in the queue-3.10 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 Mon Sep 17 00:00:00 2001 From: Nadav Amit <nadav.amit@xxxxxxxxx> Date: Thu, 8 Jan 2015 11:59:03 +0100 Subject: KVM: x86: Fix of previously incomplete fix for CVE-2014-8480 From: Nadav Amit <nadav.amit@xxxxxxxxx> commit 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 upstream. STR and SLDT with rip-relative operand can cause a host kernel oops. Mark them as DstMem as well. Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- arch/x86/kvm/emulate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -3808,8 +3808,8 @@ static const struct opcode group5[] = { }; static const struct opcode group6[] = { - DI(Prot, sldt), - DI(Prot, str), + DI(Prot | DstMem, sldt), + DI(Prot | DstMem, str), II(Prot | Priv | SrcMem16, em_lldt, lldt), II(Prot | Priv | SrcMem16, em_ltr, ltr), N, N, N, N, Patches currently in stable-queue which might be from nadav.amit@xxxxxxxxx are queue-3.10/kvm-x86-fix-of-previously-incomplete-fix-for-cve-2014-8480.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
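Review bot: the commit message does not explain why adding DstMem to the sldt and str entries of group6 prevents the host oops, and it does not name the earlier commit whose fix it completes. The message says only "Mark them as DstMem as well", so a reader of the 3.10 queue cannot tell from this patch which decode step the rip-relative operand was skipping, or whether that earlier fix is already present in this tree. A sentence on the mechanism and a reference to the original fix's commit id would make the backport checkable. Separately, the two entries that follow (lldt, ltr) use the sized SrcMem16, while the changed lines use plain DstMem. The sldt and str entries are DI entries with no em_ handler argument, so the operand size may never matter here, but it is worth stating in the message that the unsized flag is intentional.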