** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New => Fix Committed
** Changed in: linux-lts-saucy (Ubuntu Precise)
Status: New => Fix Committed
** Changed in: linux (Ubuntu Precise)
Status: New => Fix Committed
** Description changed:
- x86,kvm,vmx: Preserve CR4 across VM entry
+ arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before
+ 3.17.2 on Intel processors does not ensure that the value in the CR4
+ control register remains the same after a VM entry, which allows host OS
+ users to kill arbitrary processes or cause a denial of service (system
+ disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC
+ prctl calls within a modified copy of QEMU.
Break-Fix: - d974baa398f34393db76be45f7d4d04fbdbb4a0a
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1388970
Title:
CVE-2014-3690
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1388970/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
