** Description changed: - [execution in the early microcode loader] + [execution in the early microcode loader x86/intel] Guard against stack + overflow in the loader mc_saved_tmp is a static array allocated on the + stack, we need to make sure mc_saved_count stays within its bounds, + otherwise we're overflowing the stack in _save_mc(). A specially crafted + microcode header could lead to a kernel crash or potentially kernel + execution. Break-Fix: ec400ddeff200b068ddc6c70f7321f49ecf32ed5 f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1438504 Title: CVE-2015-2666 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1438504/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
