oss-sec mailing list archives
Re: CVE request: Kernel: kvm: stack memory information leakage
From: <cve-assign () mitre org>
Date: Thu, 1 Dec 2016 14:13:14 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) support is vulnerable to an information leakage issue. It could occur on x86 platform, in 32bit mode, while emulating instructions. A user/process could use this flaw to leak host kernel memory bytes.
https://bugzilla.redhat.com/show_bug.cgi?id=1400468 https://git.kernel.org/linus/2117d5398c81554fbf803f5fd1dc55eb78216c0c
KVM: x86: drop error recovery in em_jmp_far and em_ret_far
was left uninitialized outside of long mode
Use CVE-2016-9756. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYQHXsAAoJEHb/MwWLVhi2TgcQAIG2Ktz53lW9raKviMre4rfZ X2KyP4Z3K5IKcpMhKZRIFbwTE9VdN7T+w6avgh896X/b+qOyL4iAyXSumVMVsAzZ I5tr0qxJvL1wybm5v/+w+dwWySE9rETa6kYxhjt/SPqvNiO2MluysS2zt1IjG2IT oN+NnXWOk5rgfl4lp3Ei2sbLOU/0dWd0XgVRVmA332toD+w+AcsHCQBPy0Bba11B CHE8pzNqQr5R0237OuCEXd5aAQVw7YJKz6oQVii1HjK523m7Cf/C1NH6k/lAQby4 mJcuC41yApyiPB/Ch2iUg1IKg6b2b1himL12kDEgTvgejE/4x0BNTaMw5bYCPSAe RhCNNMLmhKy6VBB3aUTKIGoFa0q/DplL9jGG5Jy2LQ9tg1rC68MWqrSdlHDDscxu svTUMiPpboh83D5BYhVTXajQzVEgFktbGyycOgfT2cos5imbF9RPXYtu/QD5e+Pp T/9ziafUnQ1YrU3X2wpV/v0P8mFoxsDVrEu8AMvvB/Q+tKyB62rSV/Fc952M52K3 eeJPGEC83G7O51ZAuEXGaJGqSTQ90UrPM38fOJIYOmX18HwaBIyEdBFvhXshpjYE UfCjLblQYcnV3Ba02CjbA9MSkzfuClGXwHVBTPkIi8aV+BDKlR958wNrjO+HWQl/ 44D1okf1EQ/QqrejB32l =YB5I -----END PGP SIGNATURE-----
Current thread:
- CVE request: Kernel: kvm: stack memory information leakage P J P (Dec 01)
- Re: CVE request: Kernel: kvm: stack memory information leakage cve-assign (Dec 01)