21 lines
908 B
Text
21 lines
908 B
Text
$NetBSD: patch-CVE-2013-4368,v 1.1 2013/10/22 19:41:58 drochner Exp $
|
|
|
|
http://lists.xenproject.org/archives/html/xen-devel/2013-10/msg00812.html
|
|
|
|
--- xen/arch/x86/traps.c.orig 2013-09-10 08:42:18.000000000 +0200
|
|
+++ xen/arch/x86/traps.c 2013-10-22 21:11:24.000000000 +0200
|
|
@@ -1965,10 +1965,10 @@ static int emulate_privileged_op(struct
|
|
break;
|
|
}
|
|
}
|
|
- else
|
|
- read_descriptor(data_sel, v, regs,
|
|
- &data_base, &data_limit, &ar,
|
|
- 0);
|
|
+ else if ( !read_descriptor(data_sel, v, regs,
|
|
+ &data_base, &data_limit, &ar, 0) ||
|
|
+ !(ar & _SEGMENT_S) || !(ar & _SEGMENT_P) )
|
|
+ goto fail;
|
|
data_limit = ~0UL;
|
|
ar = _SEGMENT_WR|_SEGMENT_S|_SEGMENT_DPL|_SEGMENT_P;
|
|
}
|