ELSA-2018-4011

Описание

[4.1.12-112.14.11]

• x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27363926] [Orabug: 27352353] {CVE-2017-5754}
• x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT (redux) (Konrad Rzeszutek Wilk) [Orabug: 27369994]
• x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27362581]
• x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27363792]
• x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
• x86/entry_64: TRACE_IRQS_OFF before re-enabling. (Jamie Iles) [Orabug: 27339995] {CVE-2017-5715}
• ptrace: remove unlocked RCU dereference. (Jamie Iles) [Orabug: 27339995] {CVE-2017-5715}
• x86/ia32: Adds code hygiene for 32bit SYSCALL instruction entry. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
• x86/ia32: don't save registers on audit call (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
• x86/spec/ia32: Sprinkle IBRS and RSB at the 32-bit SYSCALL (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
• x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
• x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT. (Konrad Rzeszutek Wilk) [Orabug: 27365544] {CVE-2017-5715}