oss-sec mailing list archives

Re: CVE request: kernel: kvm kernel stack leakage

From: Josh Bressers <bressers () redhat com>
Date: Fri, 5 Nov 2010 16:00:50 -0400 (EDT)

Please use CVE-2010-3881

Thanks.

-- 
    JB


----- "Petr Matousek" <pmatouse () redhat com> wrote:

"Structures kvm_vcpu_events, kvm_debugregs, kvm_pit_state2 and
kvm_clock_data
are copied to userland with some padding and reserved fields
unitialized.  It
leads to leaking of contents of kernel stack memory."

Upstream commit:
http://git.kernel.org/?p=virt/kvm/kvm.git;a=commit;h=831d9d02f9522e739825a51a11e3bc5aa531a905

Credit: Vasiliy Kulikov

Reference:
http://www.spinics.net/lists/kvm/msg44130.html
https://bugzilla.redhat.com/show_bug.cgi?id=649920

Thanks,
--
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request: kernel: kvm kernel stack leakage Petr Matousek (Nov 04)
- Re: CVE request: kernel: kvm kernel stack leakage Josh Bressers (Nov 05)