On 01/28/2015, 01:09 PM, Jiri Slaby wrote:
> On 01/28/2015, 01:03 PM, Nadav Amit wrote:
>> The CVE only exists in 3.17 - 3.18, so it should be unnecessary in 3.12.
>
> Greg, the same holds for 3.14, I suppose.
>
> In there, it's "[PATCH 3.14 26/77]".
And "[PATCH 3.10 18/32]" too.
>> Jiri Slaby <jslaby@xxxxxxx> wrote:
>>
>>> From: Nadav Amit <nadav.amit@xxxxxxxxx>
>>>
>>> This patch has been added to the 3.12 stable tree. If you have any
>>> objections, please let us know.
>>>
>>> ===============
>>>
>>> commit 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 upstream.
>>>
>>> STR and SLDT with rip-relative operand can cause a host kernel oops.
>>> Mark them as DstMem as well.
>>>
>>> Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx>
>>> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
>>> Signed-off-by: Jiri Slaby <jslaby@xxxxxxx>
>>> ---
>>> arch/x86/kvm/emulate.c | 4 ++--
>>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
>>> index ab1d45928ce7..ee2bc3be0d1e 100644
>>> --- a/arch/x86/kvm/emulate.c
>>> +++ b/arch/x86/kvm/emulate.c
>>> @@ -3622,8 +3622,8 @@ static const struct opcode group5[] = {
>>> };
>>>
>>> static const struct opcode group6[] = {
>>> - DI(Prot, sldt),
>>> - DI(Prot, str),
>>> + DI(Prot | DstMem, sldt),
>>> + DI(Prot | DstMem, str),
>>> II(Prot | Priv | SrcMem16, em_lldt, lldt),
>>> II(Prot | Priv | SrcMem16, em_ltr, ltr),
>>> N, N, N, N,
>>> --
>>> 2.2.2
>>
>>
>
>
--
js
suse labs
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html