Bug 655292 (CVE-2018-8897)

Summary:	kernel: error in exception handling leads to DoS (CVE-2018-8897)
Product:	Gentoo Security	Reporter:	GLSAMaker/CVETool Bot <glsamaker>
Component:	Kernel	Assignee:	Gentoo Kernel Security <security-kernel>
Status:	RESOLVED FIXED
Severity:	normal	CC:	kernel, kfm
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	A3 [stable blocked cve]
Package list:		Runtime testing required:	---
Bug Depends on:	653956, 653958
Bug Blocks:

Description GLSAMaker/CVETool Bot gentoo-dev

2018-05-08 19:24:27 UTC

CVE-2018-8897 (https://nvd.nist.gov/vuln/detail/CVE-2018-8897):
  A flaw was found in the way the Linux kernel handled exceptions delivered
  after a stack switch operation via Mov SS or Pop SS instructions. During the
  stack switch operation, the processor did not deliver interrupts and
  exceptions, rather they are delivered once the first instruction after the
  stack switch is executed. An unprivileged system user could use this flaw to
  crash the system kernel resulting in the denial of service.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2018-05-08 19:27:49 UTC

Upstream fix: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d8ba61ba58c88d5207c1ba2f7d9a2280e7d03be9

Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev

2018-05-08 19:39:03 UTC

Fixed in

>=sys-kernel/gentoo-sources-4.4.125, 4.4.128 is currently being stabilized in bug 653958

>=sys-kernel/gentoo-sources-4.9.91, 4.9.95 is currently being stabilized in bug 653956

Comment 3 John Helmert III archtester

2022-03-26 00:40:10 UTC

Long been stabilized