Kernel: KVM: leak of uninitialized stack contents to guest

An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object hold...

kernel security update

kernel - 2.6.18-419.0.0.0.14 - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds: Call VERW on NMI path when returning to user Patrick Colp orabug 29821515...

Linux - Use-After-Free via race Between modify_ldt() and #BR Exception

Linux - Use-After-Free via race Between modifyldt and BR Exception / When a BR exception is raised because of an MPX bounds violation, Linux parses the faulting instruction and computes the linear address of its memory operand. If the userspace instruction is in 32-bit code, this involves looking...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.35.1 - Bluetooth: hidp: fix buffer overflow Young Xiao Orabug: 29786787 CVE-2011-1079 CVE-2019-11884 - x86/speculation/mds: Fix verw usage to use memory operand Patrick Colp Orabug: 29791038 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 - x86/speculation/mds:...