APPLIED[D] / NAK[Unstable]: [PATCH 0/1][SRU][D/Unstable] CVE-2018-16880 - vhost_net out-of-bounds write
Tyler Hicks
tyhicks at canonical.com
Tue Feb 5 18:53:51 UTC 2019
On 2019-02-05 12:50:18, Seth Forshee wrote:
> On Mon, Feb 04, 2019 at 09:03:35PM +0000, Tyler Hicks wrote:
> > https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-16880.html
> >
> > A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net]
> > driver. A malicious virtual guest, under specific conditions, can trigger an
> > out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a
> > kernel memory corruption and a system panic. Due to the nature of the flaw,
> > privilege escalation cannot be fully ruled out. Versions from v4.16 and newer
> > are vulnerable.
> >
> > This is a clean cherry pick to Disco and Unstable. I've ensured that there are
> > no new build warnings and smoke tested this patch by boot testing in a VM.
>
> Applied to disco/master-next. We've already picked up this fix in
> unstable when rebasing to 5.0-rc5. Thanks!
Oh, I got confused by the master-next branch of the unstable tree. I now
see that it is lagging behind the master branch.
Tyler
More information about the kernel-team
mailing list