Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 655292 (CVE-2018-8897) - kernel: error in exception handling leads to DoS (CVE-2018-8897)
Summary: kernel: error in exception handling leads to DoS (CVE-2018-8897)
Status: IN_PROGRESS
Alias: CVE-2018-8897
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
URL:
Whiteboard: A3 [stable blocked cve]
Keywords:
Depends on: 653956 653958
Blocks:
  Show dependency tree
 
Reported: 2018-05-08 19:24 UTC by GLSAMaker/CVETool Bot
Modified: 2018-05-17 20:13 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-05-08 19:24:27 UTC
CVE-2018-8897 (https://nvd.nist.gov/vuln/detail/CVE-2018-8897):
  A flaw was found in the way the Linux kernel handled exceptions delivered
  after a stack switch operation via Mov SS or Pop SS instructions. During the
  stack switch operation, the processor did not deliver interrupts and
  exceptions, rather they are delivered once the first instruction after the
  stack switch is executed. An unprivileged system user could use this flaw to
  crash the system kernel resulting in the denial of service.
Comment 2 Thomas Deutschmann gentoo-dev Security 2018-05-08 19:39:03 UTC
Fixed in

>=sys-kernel/gentoo-sources-4.4.125, 4.4.128 is currently being stabilized in bug 653958

>=sys-kernel/gentoo-sources-4.9.91, 4.9.95 is currently being stabilized in bug 653956