Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested (level 2) guest access the resources of a parent (level 1) guest in certain situations. An attacker could use this to expose sensitive information.
{ "availability": "No subscription required", "binaries": [ { "input-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "fs-core-modules-4.4.0-176-generic-di": "4.4.0-176.206", "pata-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-powerpc-e500mc": "4.4.0-176.206", "linux-headers-4.4.0-176-generic": "4.4.0-176.206", "nic-pcmcia-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc64-smp-dbgsym": "4.4.0-176.206", "linux-modules-4.4.0-176-powerpc-smp": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc64-smp": "4.4.0-176.206", "kernel-image-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "md-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-tools-4.4.0-176-powerpc-e500mc": "4.4.0-176.206", "serial-modules-4.4.0-176-generic-di": "4.4.0-176.206", "storage-core-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-source-4.4.0": "4.4.0-176.206", "linux-image-4.4.0-176-generic-dbgsym": "4.4.0-176.206", "linux-cloud-tools-4.4.0-176-generic": "4.4.0-176.206", "nfs-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-tools-4.4.0-176-powerpc64-emb": "4.4.0-176.206", "ppp-modules-4.4.0-176-generic-di": "4.4.0-176.206", "scsi-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "ppp-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "block-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "speakup-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "virtio-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "kernel-image-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "kernel-image-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "crypto-modules-4.4.0-176-generic-di": "4.4.0-176.206", "ipmi-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "ppp-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "nic-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "ppp-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "irda-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "kernel-image-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "input-modules-4.4.0-176-generic-di": "4.4.0-176.206", "fat-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "floppy-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-cloud-tools-4.4.0-176": "4.4.0-176.206", "block-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-generic": "4.4.0-176.206", "linux-headers-4.4.0-176-generic-lpae": "4.4.0-176.206", "nic-shared-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "crypto-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-lowlatency": "4.4.0-176.206", "virtio-modules-4.4.0-176-generic-di": "4.4.0-176.206", "usb-modules-4.4.0-176-generic-di": "4.4.0-176.206", "nic-shared-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "sata-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-headers-4.4.0-176": "4.4.0-176.206", "crypto-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "floppy-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "speakup-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-cloud-tools-common": "4.4.0-176.206", "floppy-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-image-unsigned-4.4.0-176-generic": "4.4.0-176.206", "vlan-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "floppy-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-libc-dev": "4.4.0-176.206", "fat-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "pcmcia-modules-4.4.0-176-generic-di": "4.4.0-176.206", "plip-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-headers-4.4.0-176-powerpc64-smp": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-generic-lpae": "4.4.0-176.206", "multipath-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-powerpc64-emb": "4.4.0-176.206", "scsi-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "usb-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "mouse-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "plip-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-image-4.4.0-176-generic-lpae-dbgsym": "4.4.0-176.206", "firewire-core-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "virtio-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "plip-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-image-4.4.0-176-lowlatency-dbgsym": "4.4.0-176.206", "irda-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-udebs-powerpc-smp": "4.4.0-176.206", "linux-cloud-tools-4.4.0-176-lowlatency": "4.4.0-176.206", "fs-secondary-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "irda-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "mouse-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-image-unsigned-4.4.0-176-lowlatency-dbgsym": "4.4.0-176.206", "parport-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-tools-4.4.0-176-powerpc64-smp": "4.4.0-176.206", "mouse-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "linux-image-unsigned-4.4.0-176-lowlatency": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-powerpc-smp": "4.4.0-176.206", "ipmi-modules-4.4.0-176-generic-di": "4.4.0-176.206", "usb-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "message-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "nic-usb-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "scsi-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "linux-tools-4.4.0-176": "4.4.0-176.206", "ipmi-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "fs-core-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-tools-common": "4.4.0-176.206", "input-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "ipmi-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "ipmi-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-image-4.4.0-176-generic": "4.4.0-176.206", "fs-secondary-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc-e500mc": "4.4.0-176.206", "linux-headers-4.4.0-176-powerpc64-emb": "4.4.0-176.206", "linux-tools-4.4.0-176-generic-lpae": "4.4.0-176.206", "linux-modules-4.4.0-176-powerpc64-smp": "4.4.0-176.206", "linux-modules-4.4.0-176-generic-lpae": "4.4.0-176.206", "storage-core-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "nic-usb-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "multipath-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "firewire-core-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "nic-shared-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "vlan-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "nic-modules-4.4.0-176-generic-di": "4.4.0-176.206", "vlan-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-udebs-generic": "4.4.0-176.206", "nic-usb-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "nfs-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "nfs-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "ppp-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc-smp-dbgsym": "4.4.0-176.206", "virtio-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "speakup-modules-4.4.0-176-generic-di": "4.4.0-176.206", "fs-secondary-modules-4.4.0-176-generic-di": "4.4.0-176.206", "nic-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "input-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "crypto-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-udebs-powerpc-e500mc": "4.4.0-176.206", "nfs-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "block-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "fs-core-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "vlan-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-udebs-powerpc64-smp": "4.4.0-176.206", "linux-image-4.4.0-176-generic-lpae": "4.4.0-176.206", "md-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "plip-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "sata-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "fat-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "irda-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-headers-4.4.0-176-powerpc-smp": "4.4.0-176.206", "fat-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-modules-4.4.0-176-lowlatency": "4.4.0-176.206", "linux-modules-4.4.0-176-powerpc-e500mc": "4.4.0-176.206", "parport-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "nfs-modules-4.4.0-176-generic-di": "4.4.0-176.206", "md-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "fs-secondary-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "nic-shared-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc-smp": "4.4.0-176.206", "fs-secondary-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "pata-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-modules-extra-4.4.0-176-generic": "4.4.0-176.206", "speakup-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "crypto-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "firewire-core-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-tools-4.4.0-176-powerpc-smp": "4.4.0-176.206", "md-modules-4.4.0-176-generic-di": "4.4.0-176.206", "multipath-modules-4.4.0-176-generic-di": "4.4.0-176.206", "storage-core-modules-4.4.0-176-generic-di": "4.4.0-176.206", "parport-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-headers-4.4.0-176-lowlatency": "4.4.0-176.206", "linux-modules-4.4.0-176-generic": "4.4.0-176.206", "fat-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "kernel-image-4.4.0-176-generic-di": "4.4.0-176.206", "multipath-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-buildinfo-4.4.0-176-powerpc64-smp": "4.4.0-176.206", "input-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "firewire-core-modules-4.4.0-176-generic-di": "4.4.0-176.206", "nic-usb-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-doc": "4.4.0-176.206", "dasd-extra-modules-4.4.0-176-generic-di": "4.4.0-176.206", "irda-modules-4.4.0-176-generic-di": "4.4.0-176.206", "message-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "plip-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "speakup-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "sata-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc64-emb-dbgsym": "4.4.0-176.206", "pata-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc-e500mc-dbgsym": "4.4.0-176.206", "parport-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "multipath-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-image-unsigned-4.4.0-176-generic-dbgsym": "4.4.0-176.206", "message-modules-4.4.0-176-generic-di": "4.4.0-176.206", "sata-modules-4.4.0-176-generic-di": "4.4.0-176.206", "fs-core-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "mouse-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-tools-host": "4.4.0-176.206", "storage-core-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "scsi-modules-4.4.0-176-generic-di": "4.4.0-176.206", "linux-tools-4.4.0-176-lowlatency": "4.4.0-176.206", "sata-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "linux-headers-4.4.0-176-powerpc-e500mc": "4.4.0-176.206", "md-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-tools-4.4.0-176-generic": "4.4.0-176.206", "linux-udebs-generic-lpae": "4.4.0-176.206", "nic-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "usb-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "block-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "fs-core-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "pata-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "linux-modules-4.4.0-176-powerpc64-emb": "4.4.0-176.206", "linux-image-4.4.0-176-lowlatency": "4.4.0-176.206", "parport-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "scsi-modules-4.4.0-176-powerpc64-smp-di": "4.4.0-176.206", "block-modules-4.4.0-176-generic-di": "4.4.0-176.206", "nic-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "linux-image-4.4.0-176-powerpc64-emb": "4.4.0-176.206", "pcmcia-storage-modules-4.4.0-176-generic-di": "4.4.0-176.206", "fb-modules-4.4.0-176-generic-di": "4.4.0-176.206", "vlan-modules-4.4.0-176-powerpc-e500mc-di": "4.4.0-176.206", "nic-shared-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "usb-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "storage-core-modules-4.4.0-176-generic-lpae-di": "4.4.0-176.206", "message-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "dasd-modules-4.4.0-176-generic-di": "4.4.0-176.206", "nic-usb-modules-4.4.0-176-powerpc-smp-di": "4.4.0-176.206", "mouse-modules-4.4.0-176-generic-di": "4.4.0-176.206" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-aws-cloud-tools-4.4.0-1104": "4.4.0-1104.115", "linux-headers-4.4.0-1104-aws": "4.4.0-1104.115", "linux-image-4.4.0-1104-aws-dbgsym": "4.4.0-1104.115", "linux-modules-4.4.0-1104-aws": "4.4.0-1104.115", "linux-tools-4.4.0-1104-aws": "4.4.0-1104.115", "linux-aws-tools-4.4.0-1104": "4.4.0-1104.115", "linux-modules-extra-4.4.0-1104-aws": "4.4.0-1104.115", "linux-image-4.4.0-1104-aws": "4.4.0-1104.115", "linux-cloud-tools-4.4.0-1104-aws": "4.4.0-1104.115", "linux-aws-headers-4.4.0-1104": "4.4.0-1104.115", "linux-buildinfo-4.4.0-1104-aws": "4.4.0-1104.115" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-kvm-cloud-tools-4.4.0-1068": "4.4.0-1068.75", "linux-buildinfo-4.4.0-1068-kvm": "4.4.0-1068.75", "linux-kvm-tools-4.4.0-1068": "4.4.0-1068.75", "linux-tools-4.4.0-1068-kvm": "4.4.0-1068.75", "linux-kvm-headers-4.4.0-1068": "4.4.0-1068.75", "linux-image-4.4.0-1068-kvm": "4.4.0-1068.75", "linux-image-4.4.0-1068-kvm-dbgsym": "4.4.0-1068.75", "linux-cloud-tools-4.4.0-1068-kvm": "4.4.0-1068.75", "linux-modules-4.4.0-1068-kvm": "4.4.0-1068.75", "linux-headers-4.4.0-1068-kvm": "4.4.0-1068.75" } ] }