I think the original bug description is incorrect about which kernel versions are affected. It looks to me like the flaw was introduced in 3.12:
$ git describe --contains bfd0a56b90005f8c8a004baf407ad90045c2b11e v3.12-rc1~143^2~30 It was fixed in 3.16: $ git describe --contains 4b855078601fc422dbac3059f2215e776f49780f v3.16-rc4~21^2^2~33 3.12 through 3.15 are affected. In Ubuntu, only Ubuntu 14.04 is affected. ** CVE removed: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3645 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1678676 Title: linux_3.13.0-*.*: nVMX: Check current_vmcs12 before accessing in handle_invept() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1678676/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
