lp:~apw/ubuntu/+source/linux/+git/trusty

Owned by Andy Whitcroft
Get this repository:
git clone https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/trusty
Only Andy Whitcroft can upload to this repository. If you are Andy Whitcroft please log in for upload directions.

Branches

Name Last Modified Last Commit
signing-redux/buildinfo 2019-01-31 14:36:35 UTC
UBUNTU: [Packaging] getabis -- support parsing a simple version

Author: Andy Whitcroft
Author Date: 2018-12-04 21:32:02 UTC

UBUNTU: [Packaging] getabis -- support parsing a simple version

BugLink: http://bugs.launchpad.net/bugs/1806380
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>

master 2018-12-05 06:47:31 UTC
UBUNTU: Ubuntu-3.13.0-164.214

Author: Khaled El Mously
Author Date: 2018-12-05 06:47:31 UTC

UBUNTU: Ubuntu-3.13.0-164.214

Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

CVE-2015-2390 2015-07-29 09:31:31 UTC
x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection

Author: Andy Lutomirski
Author Date: 2015-07-11 00:25:53 UTC

x86/nmi/64: Use DF to avoid userspace RSP confusing nested NMI detection

commit 810bc075f78ff2c221536eb3008eac6a492dba2d upstream.

We have a tricky bug in the nested NMI code: if we see RSP pointing
to the NMI stack on NMI entry from kernel mode, we assume that we
are executing a nested NMI.

This isn't quite true. A malicious userspace program can point RSP
at the NMI stack, issue SYSCALL, and arrange for an NMI to happen
while RSP is still pointing at the NMI stack.

Fix it with a sneaky trick. Set DF in the region of code that the RSP
check is intended to detect. IRET will clear DF atomically.

(Note: other than paravirt, there's little need for all this complexity.
 We could check RIP instead of RSP.)

Fixes CVE-2015-3291.

Cc: stable@vger.kernel.org
Reviewed-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
[bwh: Backported to 4.0: adjust filename, context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Andy Whitcroft <apw@canonical.com>
CVE-2015-3291
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>

13 of 3 results
This repository contains Public information 
Everyone can see this information.

Subscribers