Date: Tue, 27 Mar 2018 13:37:39 -0400 (EDT) From: Vladis Dronov <vdronov@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2018-1091: Linux kernel: a KVM guest kernel crash during core dump on POWER9 host Hello, A guest kernel crash can be triggered from unprivileged userspace during core dump on POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path leading to a denial of service. References: https://marc.info/?l=linuxppc-embedded&m=150535531910494&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=1558149 An upstream fix: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ