Date: Tue, 27 Mar 2018 13:37:39 -0400 (EDT) From: Vladis Dronov <vdronov@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2018-1091: Linux kernel: a KVM guest kernel crash during core dump on POWER9 host Hello, A guest kernel crash can be triggered from unprivileged userspace during core dump on POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path leading to a denial of service. References: https://marc.info/?l=linuxppc-embedded&m=150535531910494&w=2 https://bugzilla.redhat.com/show_bug.cgi?id=1558149 An upstream fix: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1fa0768a8713b135848f78fd43ffc208d8ded70 Best regards, Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.