c47527 CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374)

Authored and Committed by jwboyer 5 years ago
63 files changed. 154 lines added. 74 lines removed.
ACPI-Limit-access-to-custom_method.patch
file modified
+1 -1
ARM-tegra-usb-no-reset.patch
file modified
+1 -1
Add-EFI-signature-data-types.patch
file modified
+1 -1
Add-an-EFI-signature-blob-parser-and-key-loader.patch
file modified
+1 -1
Add-option-to-automatically-enforce-module-signature.patch
file modified
+1 -1
Add-secure_modules-call.patch
file modified
+1 -1
Add-sysrq-option-to-disable-secure-boot-mode.patch
file modified
+1 -1
HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
file modified
+1 -1
HID-wacom-Add-support-for-the-Cintiq-Companion.patch
file modified
+1 -1
KEYS-Add-a-system-blacklist-keyring.patch
file modified
+1 -1
MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
file modified
+1 -1
MODSIGN-Support-not-importing-certs-from-db.patch
file modified
+1 -1
PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
file modified
+1 -1
Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
file modified
+1 -1
Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
file modified
+1 -1
acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
file modified
+1 -1
ahci-disable-MSI-on-SAMSUNG-0xa800-SSD.patch
file modified
+0 -1
arm-dts-am335x-bone-common-add-uart2_pins-uart4_pins.patch
file modified
+1 -1
arm-dts-am335x-bone-common-enable-and-use-i2c2.patch
file modified
+1 -1
arm-dts-am335x-bone-common-setup-default-pinmux-http.patch
file modified
+1 -1
arm-dts-am335x-boneblack-add-cpu0-opp-points.patch
file modified
+1 -1
arm-dts-am335x-boneblack-lcdc-add-panel-info.patch
file modified
+1 -1
arm-dts-sun7i-bananapi.patch
file modified
+1 -1
arm-highbank-l2-reverts.patch
file modified
+1 -1
arm-i.MX6-Utilite-device-dtb.patch
file modified
+1 -1
asus-wmi-Restrict-debugfs-interface-when-module-load.patch
file modified
+1 -1
ath9k-rx-dma-stop-check.patch
file modified
+1 -1
cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
file modified
+2 -3
crash-driver.patch
file modified
+1 -1
criu-no-expert.patch
file modified
+1 -1
die-floppy-die.patch
file modified
+1 -1
disable-i8042-check-on-apple-mac.patch
file modified
+1 -1
disable-libdw-unwind-on-non-x86.patch
file modified
+1 -1
drm-i915-Don-t-WARN-in-edp_panel_vdd_off.patch
file modified
+2 -2
drm-i915-hush-check-crtc-state.patch
file modified
+3 -3
efi-Add-EFI_SECURE_BOOT-bit.patch
file modified
+1 -1
efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch
file modified
+1 -1
efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
file modified
+1 -1
hibernate-Disable-in-a-signed-modules-environment.patch
file modified
+1 -1
input-kill-stupid-messages.patch
file modified
+1 -1
input-silence-i8042-noise.patch
file modified
+1 -1
kbuild-AFTER_LINK.patch
file modified
+1 -1
kernel.spec
file modified
+9 -0
kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
file modified
+1 -1
lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch
file modified
+1 -1
lis3-improve-handling-of-null-rate.patch
file modified
+1 -1
no-pcspkr-modalias.patch
file modified
+1 -1
perf-install-trace-event-plugins.patch
file modified
+1 -1
pinctrl-pinctrl-single-must-be-initialized-early.patch
file modified
+1 -1
ppc64-fixtools.patch
file modified
+1 -1
psmouse-Add-psmouse_matches_pnp_id-helper-function.patch
file modified
+5 -5
psmouse-Add-support-for-detecting-FocalTech-PS-2-tou.patch
file modified
+1 -1
samsung-laptop-Add-broken-acpi-video-quirk-for-NC210.patch
file modified
+1 -1
scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
file modified
+1 -1
silence-fbcon-logo.patch
file modified
+1 -1
uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch
file modified
+1 -2
uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch
file modified
+1 -2
watchdog-Disable-watchdog-on-virtual-machines.patch
file modified
+1 -1
x86-Lock-down-IO-port-access-when-module-security-is.patch
file modified
+1 -1
x86-Restrict-MSR-access-when-module-loading-is-restr.patch
file modified
+1 -1
x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
file modified
+0 -1
x86-tls-Validate-TLS-entries-to-protect-espfix.patch
file added
+77
xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch
file modified
+2 -3
    CVE-2014-8133 x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS (rhbz 1172797 1174374)
    
        
file modified
+1 -1
file modified
+1 -1
file modified
+1 -1
file modified
+1 -1
file modified
+1 -1
file modified
+1 -1
file modified
+9 -0
file modified
+1 -1
file modified
+1 -1
file modified
+1 -1