[kernel] r22875 - in dists/jessie-security/linux/debian: . patches patches/bugfix/x86
Ben Hutchings
benh at moszumanska.debian.org
Sat Aug 1 16:13:52 UTC 2015
Author: benh
Date: Sat Aug 1 16:13:52 2015
New Revision: 22875
Log:
[x86] kvm: fix kvm_apic_has_events to check for NULL pointer (CVE-2015-4692)
Added:
dists/jessie-security/linux/debian/patches/bugfix/x86/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-po.patch
Modified:
dists/jessie-security/linux/debian/changelog
dists/jessie-security/linux/debian/patches/series
Modified: dists/jessie-security/linux/debian/changelog
==============================================================================
--- dists/jessie-security/linux/debian/changelog Sat Aug 1 16:11:06 2015 (r22874)
+++ dists/jessie-security/linux/debian/changelog Sat Aug 1 16:13:52 2015 (r22875)
@@ -3,6 +3,7 @@
* path_openat(): fix double fput()
* KEYS: ensure we free the assoc array edit if edit is valid (CVE-2015-1333)
* sctp: fix ASCONF list handling (CVE-2015-3212)
+ * [x86] kvm: fix kvm_apic_has_events to check for NULL pointer (CVE-2015-4692)
-- Ben Hutchings <ben at decadent.org.uk> Sun, 26 Jul 2015 20:37:03 +0100
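Review bot: the trailer line below the new entry still reads Sun, 26 Jul 2015 20:37:03 +0100, while the entry is added in r22875 on 1 Aug 2015. That is fine as long as this changelog stanza has not been uploaded yet, but the trailer timestamp should be refreshed when the upload is prepared so that it is not older than the last fix listed.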
Added: dists/jessie-security/linux/debian/patches/bugfix/x86/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-po.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/jessie-security/linux/debian/patches/bugfix/x86/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-po.patch Sat Aug 1 16:13:52 2015 (r22875)
@@ -0,0 +1,24 @@
+From: Paolo Bonzini <pbonzini at redhat.com>
+Date: Sat, 30 May 2015 14:31:24 +0200
+Subject: kvm: x86: fix kvm_apic_has_events to check for NULL pointer
+Origin: https://git.kernel.org/linus/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009
+
+Malicious (or egregiously buggy) userspace can trigger it, but it
+should never happen in normal operation.
+
+Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
+---
+ arch/x86/kvm/lapic.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/kvm/lapic.h
++++ b/arch/x86/kvm/lapic.h
+@@ -165,7 +165,7 @@ static inline u16 apic_logical_id(struct
+
+ static inline bool kvm_apic_has_events(struct kvm_vcpu *vcpu)
+ {
+- return vcpu->arch.apic->pending_events;
++ return kvm_vcpu_has_lapic(vcpu) && vcpu->arch.apic->pending_events;
+ }
+
+ bool kvm_apic_pending_eoi(struct kvm_vcpu *vcpu, int vector);
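Review bot: the patch description never states what fails; "it" in "userspace can trigger it" has no antecedent in the body, and the CVE id appears only in debian/changelog, not in this patch header. Add a sentence saying that kvm_apic_has_events() dereferences vcpu->arch.apic, which the subject line implies can be NULL, and carry CVE-2015-4692 in the header so the patch file is self-describing. On the changed return line, the guard depends on kvm_vcpu_has_lapic(), whose definition is outside this hunk; confirm that the jessie tree's lapic.h defines it before this function and that it returns false whenever vcpu->arch.apic is NULL, otherwise the short-circuit does not protect the dereference.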
Modified: dists/jessie-security/linux/debian/patches/series
==============================================================================
--- dists/jessie-security/linux/debian/patches/series Sat Aug 1 16:11:06 2015 (r22874)
+++ dists/jessie-security/linux/debian/patches/series Sat Aug 1 16:13:52 2015 (r22875)
@@ -636,3 +636,4 @@
bugfix/all/path_openat-fix-double-fput.patch
bugfix/all/keys-ensure-we-free-the-assoc-array-edit-if-edit-is-valid.patch
bugfix/all/sctp-fix-asconf-list-handling.patch
+bugfix/x86/kvm-x86-fix-kvm_apic_has_events-to-check-for-null-po.patch