Bug 1400468 (CVE-2016-9756)

Summary: CVE-2016-9756 Kernel: kvm: stack memory information leakage
Product: [Other] Security Response
Reporter: Prasad Pandit <ppandit>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED WONTFIX
Severity: low
Priority: low
Version: unspecified
CC: aquini, arm-mgr, bhu, carnil, dhoward, fhrbata, gansalmon, iboverma, ichavero, itamar, jforbes, jkacur, joelsmith, jonathan, jross, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, madhu.chinakonda, matt, mchehab, mcressma, nmurray, pholasek, plougher, rt-maint, rvrbovsk, williams
Keywords: Security
Hardware: All
OS: Linux
Doc Type: If docs needed, set a value
Last Closed: 2019-06-08 03:02:53 UTC
Bug Depends On: 1400469
Bug Blocks: 1398088

Description Prasad Pandit 2016-12-01 10:13:49 UTC
Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support
is vulnerable to an information leakage issue. It could occur on the x86 platform,
while emulating instructions in 32-bit mode.

A user/process could use this flaw to leak host kernel memory bytes.

Upstream patch:
  -> https://git.kernel.org/linus/2117d5398c81554fbf803f5fd1dc55eb78216c0c

  -> http://www.openwall.com/lists/oss-security/2016/12/01/1

Comment 1 Prasad Pandit 2016-12-01 10:14:58 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1400469]

Comment 2 Prasad Pandit 2016-12-01 10:30:32 UTC

This issue does not affect the versions of the kernel package as shipped with
Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.

This issue affects the version of Linux kernel as shipped with Red Hat Enterprise
Linux 7.

This has been rated as having Low security impact and is not currently planned
to be addressed in future updates. For additional information, refer to the
Red Hat Enterprise Linux Life Cycle:
  -> https://access.redhat.com/support/policy/updates/errata/