472560 – (CVE-2013-2146) Kernel : perf/x86: offcore_rsp valid mask for SNB/IVB (CVE-2013-2146)

Bug 472560 (CVE-2013-2146) - Kernel : perf/x86: offcore_rsp valid mask for SNB/IVB (CVE-2013-2146)

Summary: Kernel : perf/x86: offcore_rsp valid mask for SNB/IVB (CVE-2013-2146)

Status:	RESOLVED FIXED

Alias:	CVE-2013-2146

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Kernel Security

URL:	https://bugzilla.redhat.com/show_bug....
Whiteboard:
Keywords:

Duplicates (1):	483444 (view as bug list)
Depends on:
Blocks:

Reported:	2013-06-07 09:37 UTC by Agostino Sarubbo
Modified:	2022-03-25 15:18 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2013-06-07 09:37:19 UTC

From ${URL} :

Linux kernel built with the Performance Events Subsystem(CONFIG_PERF_EVENTS=y)
is vulnerable to a kernel crash flaw, caused by incorrect masking of the
reserved bits.

A user/program could use this flaw to crash the kernel, resulting in DoS.

Upstream fix:
-------------
 -> https://git.kernel.org/linus/f1923820c447e986a9da0fc6bf60c1dccdf0408e

Reference:
----------
 -> http://www.openwall.com/lists/oss-security/2013/06/05/23

Comment 1 Agostino Sarubbo gentoo-dev

2013-09-03 07:53:58 UTC

*** Bug 483444 has been marked as a duplicate of this bug. ***

Comment 2 John Helmert III archtester

2022-03-25 15:18:33 UTC

In 3.8.9 onward