** Description changed: - In some cases it may happen that pmd_none_or_clear_bad() is called with - the mmap_sem hold in read mode. In those cases the huge page faults can - allocate hugepmds under pmd_none_or_clear_bad() and that can trigger a - false positive from pmd_bad() that will not like to see a pmd - materializing as trans huge. A privileged user in the KVM guest can use - this flaw to crash the host. An unprivileged local user could use this - flaw to crash the system. + The Linux kernel before 3.3.1, when KVM is used, allows guest OS users + to cause a denial of service (host OS crash) by leveraging + administrative access to the guest OS, related to the + pmd_none_or_clear_bad function and page faults for huge pages. A + privileged user in the KVM guest can use this flaw to crash the host. An + unprivileged local user could use this flaw to crash the system. Break-Fix: 4c76d9d1fb9b21fa10c9e4c1fab2875018a88aa1 1a5a9906d4e8d1976b701f889d8f35d54b928f25
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/990362 Title: CVE-2012-1179 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/990362/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs