[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Xen Security Advisory 240 (CVE-2017-15595) - Unlimited recursion in linear pagetable de-typing

On Wed, Nov 15, 2017 at 05:13:22PM +0000, Xen.org security team wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
>             Xen Security Advisory CVE-2017-15595 / XSA-240
>                                version 5
> 
>            Unlimited recursion in linear pagetable de-typing
<snip>
> 
> c0c624f51fb1bd9e31a2c120343164d545ab6e709ed4bb9e5dd89b5c4c4e49f8  
> xsa240-4.8/0001-x86-limit-linear-page-table-use-to-a-single-level.patch
> 7e3c2c4a4d0ee0a29abaa7aceffbb774b1f92aa81dfa4c5d1c5c5156b6bb0a3a  
> xsa240-4.8/0002-x86-mm-Disable-PV-linear-pagetables-by-default.patch
> f174ee608a7f7f0601ae46edafbf443c90a87632609c1b4145fb0e2e5c4b1b51  
> xsa240-4.8/0003-x86-dont-wrongly-trigger-linear-page-table-assertion.patch
<snip>

I'm trying to apply patch 0003 to a 4.8.2 branch but it is rejected (patch 
--verbose -p1).  The hunk it is 
trying to remove does not exist in the stable-4.8 branch or at tag 
RELEASE-4.8.2.  Trying to find 
CONFIG_PV_LINEAR_PT in git does not show this in stable-4.8 or stable-4.9 
branches (but it is present in the 
staging branches.)  It looks like the patch issued for 4.6 would apply, is this 
satisfactory for 4.8.2?

Thanks,
James

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
https://lists.xen.org/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.