Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 27 Mar 2018 13:37:39 -0400 (EDT)
From: Vladis Dronov <vdronov@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2018-1091: Linux kernel: a KVM guest kernel crash during core
 dump on POWER9 host

Hello,

A guest kernel crash can be triggered from unprivileged userspace during core
dump on POWER host due to a missing processor feature check and an erroneous
use of transactional memory (TM) instructions in the core dump path leading to
a denial of service.

References:

https://marc.info/?l=linuxppc-embedded&m=150535531910494&w=2

https://bugzilla.redhat.com/show_bug.cgi?id=1558149

An upstream fix:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.