android_kernel_samsung_msm8976/virt/kvm
Andy Honig f4d838225e KVM: Improve create VCPU parameter (CVE-2013-4587)
commit 338c7dbadd2671189cec7faf64c84d01071b3f96 upstream.

In multiple functions the vcpu_id is used as an offset into a bitfield.  A
malicious user could specify a vcpu_id greater than 255 in order to set or
clear bits in kernel memory.  This could be used to elevate privileges in the
kernel.  This patch verifies that the vcpu_id provided is less than 255.
The api documentation already specifies that the vcpu_id must be less than
max_vcpus, but this is currently not checked.

Reported-by: Andrew Honig <ahonig@google.com>
Signed-off-by: Andrew Honig <ahonig@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-12-20 07:45:07 -08:00
..
assigned-dev.c KVM: Move irq routing to generic code 2013-04-26 20:27:17 +02:00
async_pf.c KVM: do not release the error page 2012-08-06 16:04:58 +03:00
async_pf.h
coalesced_mmio.c KVM: make checks stricter in coalesced_mmio_in_range() 2011-12-27 11:17:07 +02:00
coalesced_mmio.h KVM: Make coalesced mmio use a device per zone 2011-09-25 19:17:57 +03:00
eventfd.c KVM: Introduce CONFIG_HAVE_KVM_IRQ_ROUTING 2013-04-26 20:27:14 +02:00
ioapic.c KVM: Set TMR when programming ioapic entry 2013-04-16 16:32:40 -03:00
ioapic.h KVM: Set TMR when programming ioapic entry 2013-04-16 16:32:40 -03:00
iodev.h
iommu.c KVM: IOMMU: hva align mapping page size 2013-11-29 11:11:50 -08:00
irq_comm.c KVM: Move irq routing setup to irqchip.c 2013-04-26 20:27:18 +02:00
irqchip.c KVM: Move irq routing setup to irqchip.c 2013-04-26 20:27:18 +02:00
Kconfig KVM: Introduce CONFIG_HAVE_KVM_IRQ_ROUTING 2013-04-26 20:27:14 +02:00
kvm_main.c KVM: Improve create VCPU parameter (CVE-2013-4587) 2013-12-20 07:45:07 -08:00