** Description changed: - Linux 2.6.32 - 3.18 that runs KVM may enable a malicious guest process - to crash the guest OS or launch a privilege escalation attack on the - guest. The attack can be launched by tricking the hypervisor to emulate - a SYSENTER instruction in 16-bit mode, if the guest OS does not - initialize the SYSENTER MSRs. KVM does not check under these conditions - that the selector IA32_SYSENTER_CS is not zero, and does not generate a - #GP exception as real hardware does. Instead, it sets the guest - instruction pointer to zero and changes the code privilege level (CPL) - to zero (privileged). Note that the attack can only be issued under very - certain conditions (see the details below). Windows and distro Linux - guest OSes should be safe. The bug existed since the introduction of - SYSENTER emulation (em_sysenter function on recent Linux releases), in - commit 8c60435261deaefeb53ce3222d04d7d5bea81296 , which is present in - Linux 2.6.32 - 3.18. + The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel + before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, + allows guest OS users to gain guest OS privileges or cause a denial of + service (guest OS crash) by triggering use of a 16-bit code segment for + emulation of a SYSENTER instruction. Break-Fix: - f3747379accba8e95d70cec0eae0582c8c182050
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1414651 Title: CVE-2015-0239 Status in linux package in Ubuntu: Invalid Status in linux-armadaxp package in Ubuntu: Invalid Status in linux-ec2 package in Ubuntu: Invalid Status in linux-flo package in Ubuntu: New Status in linux-fsl-imx51 package in Ubuntu: Invalid Status in linux-goldfish package in Ubuntu: New Status in linux-lts-backport-maverick package in Ubuntu: New Status in linux-lts-backport-natty package in Ubuntu: New Status in linux-lts-quantal package in Ubuntu: Invalid Status in linux-lts-raring package in Ubuntu: Invalid Status in linux-lts-saucy package in Ubuntu: Invalid Status in linux-lts-trusty package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: Invalid Status in linux-mako package in Ubuntu: New Status in linux-manta package in Ubuntu: New Status in linux-mvl-dove package in Ubuntu: Invalid Status in linux-ti-omap4 package in Ubuntu: Invalid Status in linux source package in Lucid: New Status in linux-armadaxp source package in Lucid: Invalid Status in linux-ec2 source package in Lucid: New Status in linux-flo source package in Lucid: Invalid Status in linux-fsl-imx51 source package in Lucid: Invalid Status in linux-goldfish source package in Lucid: Invalid Status in linux-lts-backport-maverick source package in Lucid: New Status in linux-lts-backport-natty source package in Lucid: New Status in linux-lts-quantal source package in Lucid: Invalid Status in linux-lts-raring source package in Lucid: Invalid Status in linux-lts-saucy source package in Lucid: Invalid Status in linux-lts-trusty source package in Lucid: Invalid Status in linux-lts-utopic source package in Lucid: Invalid Status in linux-mako source package in Lucid: Invalid Status in linux-manta source package in Lucid: Invalid Status in linux-mvl-dove source package in Lucid: Invalid Status in linux-ti-omap4 source package in Lucid: Invalid Status in linux source package in Precise: Fix Released Status in linux-armadaxp source package in Precise: Fix Released Status in linux-ec2 source package in Precise: Invalid Status in linux-flo source package in Precise: Invalid Status in linux-fsl-imx51 source package in Precise: Invalid Status in linux-goldfish source package in Precise: Invalid Status in linux-lts-backport-maverick source package in Precise: New Status in linux-lts-backport-natty source package in Precise: New Status in linux-lts-quantal source package in Precise: Fix Committed Status in linux-lts-raring source package in Precise: Invalid Status in linux-lts-saucy source package in Precise: Invalid Status in linux-lts-trusty source package in Precise: Fix Released Status in linux-lts-utopic source package in Precise: Invalid Status in linux-mako source package in Precise: Invalid Status in linux-manta source package in Precise: Invalid Status in linux-mvl-dove source package in Precise: Invalid Status in linux-ti-omap4 source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux-armadaxp source package in Trusty: Invalid Status in linux-ec2 source package in Trusty: Invalid Status in linux-flo source package in Trusty: Invalid Status in linux-fsl-imx51 source package in Trusty: Invalid Status in linux-goldfish source package in Trusty: Invalid Status in linux-lts-backport-maverick source package in Trusty: New Status in linux-lts-backport-natty source package in Trusty: New Status in linux-lts-quantal source package in Trusty: Invalid Status in linux-lts-raring source package in Trusty: Invalid Status in linux-lts-saucy source package in Trusty: Invalid Status in linux-lts-trusty source package in Trusty: Invalid Status in linux-lts-utopic source package in Trusty: Fix Released Status in linux-mako source package in Trusty: Invalid Status in linux-manta source package in Trusty: Invalid Status in linux-mvl-dove source package in Trusty: Invalid Status in linux-ti-omap4 source package in Trusty: Invalid Status in linux source package in Utopic: Fix Released Status in linux-armadaxp source package in Utopic: Invalid Status in linux-ec2 source package in Utopic: Invalid Status in linux-flo source package in Utopic: New Status in linux-fsl-imx51 source package in Utopic: Invalid Status in linux-goldfish source package in Utopic: New Status in linux-lts-backport-maverick source package in Utopic: New Status in linux-lts-backport-natty source package in Utopic: New Status in linux-lts-quantal source package in Utopic: Invalid Status in linux-lts-raring source package in Utopic: Invalid Status in linux-lts-saucy source package in Utopic: Invalid Status in linux-lts-trusty source package in Utopic: Invalid Status in linux-lts-utopic source package in Utopic: Invalid Status in linux-mako source package in Utopic: New Status in linux-manta source package in Utopic: New Status in linux-mvl-dove source package in Utopic: Invalid Status in linux-ti-omap4 source package in Utopic: Invalid Status in linux source package in Vivid: Invalid Status in linux-armadaxp source package in Vivid: Invalid Status in linux-ec2 source package in Vivid: Invalid Status in linux-flo source package in Vivid: New Status in linux-fsl-imx51 source package in Vivid: Invalid Status in linux-goldfish source package in Vivid: New Status in linux-lts-backport-maverick source package in Vivid: New Status in linux-lts-backport-natty source package in Vivid: New Status in linux-lts-quantal source package in Vivid: Invalid Status in linux-lts-raring source package in Vivid: Invalid Status in linux-lts-saucy source package in Vivid: Invalid Status in linux-lts-trusty source package in Vivid: Invalid Status in linux-lts-utopic source package in Vivid: Invalid Status in linux-mako source package in Vivid: New Status in linux-manta source package in Vivid: New Status in linux-mvl-dove source package in Vivid: Invalid Status in linux-ti-omap4 source package in Vivid: Invalid Bug description: The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction. Break-Fix: - f3747379accba8e95d70cec0eae0582c8c182050 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1414651/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
