Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 27 Mar 2018 13:37:39 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2018-1091: Linux kernel: a KVM guest kernel crash during core
 dump on POWER9 host

Hello,

A guest kernel crash can be triggered from unprivileged userspace during core
dump on POWER host due to a missing processor feature check and an erroneous
use of transactional memory (TM) instructions in the core dump path leading to
a denial of service.

References:

https://marc.info/?l=linuxppc-embedded&m=150535531910494&w=2

https://bugzilla.redhat.com/show_bug.cgi?id=1558149

An upstream fix:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ