Bugzilla – Bug 979715
VUL-0: CVE-2016-3713: kernel: kvm: OOB r/w access issue with MSR 0x2F8
Last modified: 2020-07-27 10:13:01 UTC
bugbot adjusting priority
Please confirm that the issue is public now and the fix can be pulled into the publicly visible kernel git branches.
Issue is public now.
Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) with
variable Memory Type Range Registers(MTRR) support is vulnerable to an
out-of-bounds r/w access issue. It could occur while accessing processor's
MTRRs via ioctl(2) calls.
A privileged user inside guest could use this flaw to manipulate host kernel's
memory bytes leading to information disclosure OR potentially crashing the
kernel resulting in DoS.
'CVE-2016-3713' has been assigned to this issue by Red Hat Inc. A proposed
patch is attached herein to fix this issue.
fixed in SLES 12 SP2 GA