A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 03:32
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 5.5 |
References | () http://www.openwall.com/lists/oss-security/2017/06/23/5 - Mailing List, Patch, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/99263 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1038782 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/articles/3290921 - Permissions Required, Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:0395 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:0412 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://usn.ubuntu.com/3619-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3619-2/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/3754-1/ - Third Party Advisory | |
References | () https://www.debian.org/security/2017/dsa-3981 - Third Party Advisory | |
References | () https://www.spinics.net/lists/kvm/msg151817.html - Mailing List, Patch |
Information
Published : 2018-07-30 15:29
Updated : 2024-11-21 03:32
NVD link : CVE-2017-7518
Mitre link : CVE-2017-7518
CVE.ORG link : CVE-2017-7518
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_server_eus
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux
canonical
- ubuntu_linux
debian
- debian_linux
linux
- linux_kernel