[kernel-sec-discuss] r4422 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon May 30 05:08:50 UTC 2016


Author: carnil
Date: 2016-05-30 05:08:50 +0000 (Mon, 30 May 2016)
New Revision: 4422

Added:
   retired/CVE-2016-4440
Removed:
   active/CVE-2016-4440
Log:
Retire CVE-2016-4440

Deleted: active/CVE-2016-4440
===================================================================
--- active/CVE-2016-4440	2016-05-30 05:08:49 UTC (rev 4421)
+++ active/CVE-2016-4440	2016-05-30 05:08:50 UTC (rev 4422)
@@ -1,16 +0,0 @@
-Description: kvm: vmx: incorrect state update leading to MSR access
-References:
- http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/152191
- http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
-Notes:
- bwh> Based on the discussion, this appears to have been introduced in 4.5 by
- bwh> commits d62caabb41f33d96333f9ef15e09cd26e1c12760 and
- bwh> 5c919412fe61c35947816fdbd5f7bd09fe0dd073
-Bugs:
- https://bugzilla.redhat.com/show_bug.cgi?id=1337806
-upstream: released (4.7-rc1) [3ce424e45411cf5a13105e0386b6ecf6eeb4f66f]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.5.5-1) [bugfix/x86/kvm-vmx-more-complete-state-update-on-apicv-on-off.patch]
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2016-4440 (from rev 4421, active/CVE-2016-4440)
===================================================================
--- retired/CVE-2016-4440	                        (rev 0)
+++ retired/CVE-2016-4440	2016-05-30 05:08:50 UTC (rev 4422)
@@ -0,0 +1,16 @@
+Description: kvm: vmx: incorrect state update leading to MSR access
+References:
+ http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/152191
+ http://comments.gmane.org/gmane.comp.emulators.kvm.devel/152100
+Notes:
+ bwh> Based on the discussion, this appears to have been introduced in 4.5 by
+ bwh> commits d62caabb41f33d96333f9ef15e09cd26e1c12760 and
+ bwh> 5c919412fe61c35947816fdbd5f7bd09fe0dd073
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1337806
+upstream: released (4.7-rc1) [3ce424e45411cf5a13105e0386b6ecf6eeb4f66f]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.5.5-1) [bugfix/x86/kvm-vmx-more-complete-state-update-on-apicv-on-off.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"




More information about the kernel-sec-discuss mailing list