Bug 1013283 - (CVE-2016-9777) VUL-0: CVE-2016-9777: kernel-source: kvm: out of bounds memory access via vcpu_id
VUL-0: CVE-2016-9777: kernel-source: kvm: out of bounds memory access via vcp...
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P2 - High : Major
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2016-12-02 14:38 UTC by Mikhail Kasimov
Modified: 2017-01-11 08:32 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2016-12-02 14:38:39 UTC

Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) support is vulnerable to an out-of-bounds memory access issue. It could occur on x86 platform, while servicing I/O APIC requests with larger vcpu_id.

A guest user/process could use this flaw to crash the host kernel resulting in DoS or it could potentially be used to escalate privileges on a host.

Upstream patch:
  -> https://git.kernel.org/linus/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755

  -> https://bugzilla.redhat.com/show_bug.cgi?id=1400804

Thank you.
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Comment 1 Marcus Meissner 2016-12-02 15:37:56 UTC
the introducer, af1bae5497b9, seems quite fresh , 4.8 kernel or so.
Comment 3 Joerg Roedel 2016-12-09 13:41:22 UTC
Assigning back.
Comment 4 Marcus Meissner 2016-12-09 13:59:24 UTC