** Changed in: linux-armadaxp (Ubuntu Precise)
Status: New => Fix Released
** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New => Invalid
** Description changed:
- paravirt_enabled has the following effects: - Disables the F00F bug
- workaround warning. There is no F00F bug workaround any more because
- Linux's standard IDT handling already works around the F00F bug, but
- the warning still exists. This is only cosmetic, and, in any event,
- there is no such thing as KVM on a CPU with the F00F bug. - Disables
- 32-bit APM BIOS detection. On a KVM paravirt system, there should be
- no APM BIOS anyway. - Disables tboot. I think that the tboot code
- should check the CPUID hypervisor bit directly if it matters. -
- paravirt_enabled disables espfix32. espfix32 should *not* be disabled
- under KVM paravirt. The last point is the purpose of this patch. It
- fixes a leak of the high 16 bits of the kernel stack address on 32-bit
- KVM paravirt guests. While I'm at it, this removes pv_info setup from
- kvmclock. That code seems to serve no purpose.
+ The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux
+ kernel through 3.18 uses an improper paravirt_enabled setting for KVM
+ guest kernels, which makes it easier for guest OS users to bypass the
+ ASLR protection mechanism via a crafted application that reads a 16-bit
+ value.
Break-Fix: - local-2014-8134
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1400314
Title:
CVE-2014-8134
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1400314/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
