projects / firefly-linux-kernel-4.4.55.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3490e72) | patch
KVM: x86: Introduce segmented_write_std
authorSteve Rutherford <srutherford@google.com>
Thu, 12 Jan 2017 02:28:29 +0000 (18:28 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 19 Jan 2017 19:17:20 +0000 (20:17 +0100)
commit9d3875c0c462808f4d59dfa18a79d4b5b235acbd
tree4a325c5d827b65d0cc9422387a4b5786ea3aaf5atree | snapshot
parent3490e72ad6d02cf396894d1139dc800e1d9fca83commit | diff
KVM: x86: Introduce segmented_write_std

commit 129a72a0d3c8e139a04512325384fe5ac119e74d upstream.

Introduces segemented_write_std.

Switches from emulated reads/writes to standard read/writes in fxsave,
fxrstor, sgdt, and sidt.  This fixes CVE-2017-2584, a longstanding
kernel memory leak.

Since commit 283c95d0e389 ("KVM: x86: emulate FXSAVE and FXRSTOR",
2016-11-09), which is luckily not yet in any final release, this would
also be an exploitable kernel memory *write*!

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Fixes: 96051572c819194c37a8367624b285be10297eca
Fixes: 283c95d0e3891b64087706b344a4b545d04a6e62
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Steve Rutherford <srutherford@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/kvm/emulate.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.