diff options
author | Josh Boyer <jwboyer@fedoraproject.org> | 2014-10-24 13:34:55 -0400 |
---|---|---|
committer | Josh Boyer <jwboyer@fedoraproject.org> | 2014-10-24 20:14:02 -0400 |
commit | 4ac9db0e269fe760faec68a3b163da77bf419134 (patch) | |
tree | 27f1865eb604ae68042905f482006a2139e04c31 /kernel.spec | |
parent | 65c87507f926ee79f8c085183dae5e6c54aad115 (diff) | |
download | kernel-4ac9db0e269fe760faec68a3b163da77bf419134.tar.gz kernel-4ac9db0e269fe760faec68a3b163da77bf419134.tar.xz kernel-4ac9db0e269fe760faec68a3b163da77bf419134.zip |
CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543)
- CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537)
- CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534)
- CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522)
- CVE-2014-8480 CVE-2014-8481 kvm: NULL pointer dereference during rip relative instruction emulation (rhbz 1156615 1156616)
Diffstat (limited to 'kernel.spec')
-rw-r--r-- | kernel.spec | 47 |
1 files changed, 46 insertions, 1 deletions
diff --git a/kernel.spec b/kernel.spec index fd4fb2e20..adbf99c8f 100644 --- a/kernel.spec +++ b/kernel.spec @@ -42,7 +42,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 1 +%global baserelease 3 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -620,6 +620,25 @@ Patch26058: asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch #rhbz 1111138 Patch26059: i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch +# CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543) +# CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537) +# CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534) +# CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522) +# CVE-2014-8480 CVE-2014-8481 kvm: NULL pointer dereference during rip relative instruction emulation (rhbz 1156615 1156616) +Patch26070: KVM-x86-Check-non-canonical-addresses-upon-WRMSR.patch +Patch26071: KVM-x86-Prevent-host-from-panicking-on-shared-MSR-wr.patch +Patch26072: KVM-x86-Improve-thread-safety-in-pit.patch +Patch26073: KVM-x86-Fix-wrong-masking-on-relative-jump-call.patch +Patch26074: KVM-x86-Emulator-fixes-for-eip-canonical-checks-on-n.patch +Patch26075: KVM-x86-Handle-errors-when-RIP-is-set-during-far-jum.patch +Patch26076: kvm-vmx-handle-invvpid-vm-exit-gracefully.patch +Patch26077: kvm-x86-don-t-kill-guest-on-unknown-exit-reason.patch +Patch26078: KVM-x86-Decoding-guest-instructions-which-cross-page.patch +Patch26079: KVM-emulate-avoid-accessing-NULL-ctxt-memopp.patch +Patch26080: KVM-x86-Emulator-does-not-decode-clflush-well.patch +Patch26081: KVM-x86-PREFETCH-and-HINT_NOP-should-have-SrcMem-fla.patch +Patch26082: kvm-fix-excessive-pages-un-pinning-in-kvm_iommu_map-.patch + # git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel Patch30000: kernel-arm64.patch @@ -1349,6 +1368,25 @@ ApplyPatch asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch #rhbz 1111138 ApplyPatch i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch +# CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543) +# CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537) +# CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534) +# CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522) +# CVE-2014-8480 CVE-2014-8481 kvm: NULL pointer dereference during rip relative instruction emulation (rhbz 1156615 1156616) +ApplyPatch KVM-x86-Check-non-canonical-addresses-upon-WRMSR.patch +ApplyPatch KVM-x86-Prevent-host-from-panicking-on-shared-MSR-wr.patch +ApplyPatch KVM-x86-Improve-thread-safety-in-pit.patch +ApplyPatch KVM-x86-Fix-wrong-masking-on-relative-jump-call.patch +ApplyPatch KVM-x86-Emulator-fixes-for-eip-canonical-checks-on-n.patch +ApplyPatch KVM-x86-Handle-errors-when-RIP-is-set-during-far-jum.patch +ApplyPatch kvm-vmx-handle-invvpid-vm-exit-gracefully.patch +ApplyPatch kvm-x86-don-t-kill-guest-on-unknown-exit-reason.patch +ApplyPatch KVM-x86-Decoding-guest-instructions-which-cross-page.patch +ApplyPatch KVM-emulate-avoid-accessing-NULL-ctxt-memopp.patch +ApplyPatch KVM-x86-Emulator-does-not-decode-clflush-well.patch +ApplyPatch KVM-x86-PREFETCH-and-HINT_NOP-should-have-SrcMem-fla.patch +ApplyPatch kvm-fix-excessive-pages-un-pinning-in-kvm_iommu_map-.patch + %if 0%{?aarch64patches} ApplyPatch kernel-arm64.patch %ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does. @@ -2217,6 +2255,13 @@ fi # ||----w | # || || %changelog +* Fri Oct 24 2014 Josh Boyer <jwboyer@fedoraproject.org> +- CVE-2014-3610 kvm: noncanonical MSR writes (rhbz 1144883 1156543) +- CVE-2014-3611 kvm: PIT timer race condition (rhbz 1144878 1156537) +- CVE-2014-3646 kvm: vmx: invvpid vm exit not handled (rhbz 1144825 1156534) +- CVE-2014-8369 kvm: excessive pages un-pinning in kvm_iommu_map error path (rhbz 1156518 1156522) +- CVE-2014-8480 CVE-2014-8481 kvm: NULL pointer dereference during rip relative instruction emulation (rhbz 1156615 1156616) + * Fri Oct 24 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.18.0-0.rc1.git3.1 - Linux v3.18-rc1-280-g816fb4175c29 - Add touchpad quirk for Fujitsu Lifebook A544/AH544 models (rhbz 1111138) |