[CVE-2015-8104] KVM: svm: unconditionally intercept #DB
Luis Henriques
luis.henriques at canonical.com
Thu Nov 26 12:09:56 UTC 2015
Description:
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through
4.6.x, allows guest OS users to cause a denial of service (host OS panic or
hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
BugLink: https://bugs.launchpad.net/bugs/1520184
Following this email, I am sending the patches to fix CVE-2015-8104 in
Precise, Trusty, LTS-Utopic, Vivid and Wily.
Please note that the Precise backport was picked from Ben Hutching's
3.2.74-rc1 (currently under reviewed), which has received feedback from
the original author of the patch (Paolo Bonzini).
More information about the kernel-team
mailing list