[kernel-sec-discuss] r5058 - dsa-texts
Ben Hutchings
benh at moszumanska.debian.org
Wed Mar 8 14:56:54 UTC 2017
Author: benh
Date: 2017-03-08 14:56:53 +0000 (Wed, 08 Mar 2017)
New Revision: 5058
Modified:
dsa-texts/3.16.39-1+deb8u2
Log:
Clarify that CVE-2016-9588 only applies to nested VMX
Modified: dsa-texts/3.16.39-1+deb8u2
===================================================================
--- dsa-texts/3.16.39-1+deb8u2 2017-03-08 09:32:37 UTC (rev 5057)
+++ dsa-texts/3.16.39-1+deb8u2 2017-03-08 14:56:53 UTC (rev 5058)
@@ -9,10 +9,11 @@
CVE-2016-9588
- Jim Mattson discovered that the KVM implementation does not properly
- handle #BP and #OF exceptions. A local attacker in a guest virtual
- machine can take advantage of this flaw to cause a denial of service
- (guest OS crash).
+ Jim Mattson discovered that the KVM implementation for Intel x86
+ processors does not properly handle #BP and #OF exceptions in an
+ L2 (nested) virtual machine. A local attacker in an L2 guest VM
+ can take advantage of this flaw to cause a denial of service for
+ the L1 guest VM.
CVE-2017-2636
More information about the kernel-sec-discuss
mailing list