svn commit: r328011 - in head/sys/amd64/vmm: amd intel
Kubilay Kocak
koobs at FreeBSD.org
Fri Mar 9 02:58:26 UTC 2018
On 9/03/2018 8:57 am, Ed Maste wrote:
> On 15 January 2018 at 13:37, Tycho Nightingale <tychon at freebsd.org> wrote:
>> Author: tychon
>> Date: Mon Jan 15 18:37:03 2018
>> New Revision: 328011
>> URL: https://svnweb.freebsd.org/changeset/base/328011
>>
>> Log:
>> Provide some mitigation against CVE-2017-5715 by clearing registers
>> upon returning from the guest which aren't immediately clobbered by
>> the host. This eradicates any remaining guest contents limiting their
>> usefulness in an exploit gadget.
>
> Will you MFC this to stable/11?
Mitigations and related MFC's and SA's, etc for vulnerabilities, are
presumably all being coordinated and handled by secteam, with associated
(explicit) messaging when fixes don't apply to particular
branches/versions, no?
More information about the svn-src-head
mailing list