Message-ID: <20141024155843.GB29930@chrystal.home>
Date:	Fri, 24 Oct 2014 17:58:43 +0200
From:	Quentin Casasnovas <quentin.casasnovas@...cle.com>
To:	Paolo Bonzini <pbonzini@...hat.com>
Cc:	linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
	Quentin Casasnovas <quentin.casasnovas@...cle.com>,
	stable@...r.kernel.org, Vegard Nossum <vegard.nossum@...cle.com>,
	Jamie Iles <jamie.iles@...cle.com>
Subject: Re: [PATCH 13/14] kvm: fix excessive pages un-pinning in
 kvm_iommu_map error path.

On Fri, Oct 24, 2014 at 05:07:24PM +0200, Paolo Bonzini wrote:
> From: Quentin Casasnovas <quentin.casasnovas@...cle.com>
> 
> The third parameter of kvm_unpin_pages() when called from
> kvm_iommu_map_pages() is wrong, it should be the number of pages to un-pin
> and not the page size.
> 

This got assigned CVE-2014-8369.

Quentin

From: cve-assign@...re.org
To: quentin.casasnovas@...cle.com
Cc: cve-assign@...re.org, security@...nel.org, mst@...hat.com,
        vegard.nossum@...cle.com, jamie.iles@...cle.com,
        sasha.levin@...cle.com
Subject: Re: CVE-2014-3601: incomplete upstream fix.
In-Reply-To: <20141021001315.GD31700@...ystal.home>
Message-Id: <20141021081314.DF6C1C5058D@...ptsrv1.mitre.org>
Date: Tue, 21 Oct 2014 04:13:14 -0400 (EDT)

> While reviewing Red Hat 6.6 kernel patches to prepare Ksplice rebootless
> updates, we've stumbled across a potential issue with the upstream fix for
> CVE-2014-3601:

> 350b8bd kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)

> The above commit is supposed to prevent extra pages un-pinning _and_ fix a
> memory leak, but by fixing the memory leak in the error path, it likely
> introduces way more unwanted un-pinning

Use CVE-2014-8369.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
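
The unit mix-up described in the quoted commit message, shown as an added user-space model (not code from the patch, the kernel, or either author). `model_pin`, `model_unpin`, `error_path` and the `refcount` array are hypothetical stand-ins, the frame numbers are constructed, and the model assumes the region being mapped pins `page_size >> PAGE_SHIFT` pages.

```c
#include <stdio.h>
#include <stddef.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1UL << PAGE_SHIFT)
#define NR_FRAMES  8192UL            /* constructed toy address space */

static int refcount[NR_FRAMES];      /* per-frame pin count (hypothetical model) */
static unsigned long stray_puts;     /* references dropped on frames never pinned */

static void model_pin(unsigned long pfn, unsigned long npages) {
    for (unsigned long i = 0; i < npages && pfn + i < NR_FRAMES; i++)
        refcount[pfn + i]++;
}

/* The second argument is a page COUNT, like the parameter the message names. */
static void model_unpin(unsigned long pfn, unsigned long npages) {
    for (unsigned long i = 0; i < npages && pfn + i < NR_FRAMES; i++) {
        if (refcount[pfn + i] == 0)
            stray_puts++;            /* un-pin of a page this mapping never pinned */
        else
            refcount[pfn + i]--;
    }
}

/* Error path after mapping one page_size-byte region at pfn has failed. */
static unsigned long error_path(unsigned long pfn, unsigned long page_size, int fixed) {
    for (size_t i = 0; i < NR_FRAMES; i++)
        refcount[i] = 0;
    stray_puts = 0;
    model_pin(pfn, page_size >> PAGE_SHIFT);
    if (fixed)
        model_unpin(pfn, page_size >> PAGE_SHIFT);  /* bytes converted to pages */
    else
        model_unpin(pfn, page_size);                /* bug: byte size used as count */
    return stray_puts;
}

int main(void) {
    printf("4 KiB region, buggy: %lu stray un-pins\n", error_path(16, PAGE_SIZE, 0));
    printf("4 KiB region, fixed: %lu stray un-pins\n", error_path(16, PAGE_SIZE, 1));
    printf("2 MiB region, buggy: %lu stray un-pins (capped by the model)\n",
           error_path(0, 512 * PAGE_SIZE, 0));
    return 0;
}
```

The stray count is bounded only by the model's `NR_FRAMES`; the point is that the over-release scales with the byte size rather than with what was pinned.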
