PT-2017-12369 · Linux+5 · Linux Kernel+5

Published 2017-09-20 · Updated 2023-02-12 · CVE-2017-12154

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.13.3

Description: The issue arises from the prepare_vmcs02 function in arch/x86/kvm/vmx.c, which fails to ensure the existence of "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls when L1 omits the "use TPR shadow" vmcs12 control. This allows KVM L2 guest OS users to gain unauthorized read and write access to the hardware CR8 register.

Recommendations: For Linux kernel versions prior to 4.13.3, update to version 4.13.3 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.
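
An added example, not the kernel's code and not part of the original advisory: a simplified C model of the control-word invariant the description refers to, with the missing enforcement beside the corrected behaviour. The bit positions follow the Intel SDM's primary processor-based VM-execution controls; `vmcs02_controls`, `cr8_is_protected` and the `enforce` flag are hypothetical names used for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Primary processor-based VM-execution control bits (Intel SDM numbering). */
#define CPU_BASED_CR8_LOAD_EXITING  (1u << 19)
#define CPU_BASED_CR8_STORE_EXITING (1u << 20)
#define CPU_BASED_TPR_SHADOW        (1u << 21)
#define CR8_EXITING (CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING)

/*
 * Hypothetical model of how L0 derives the vmcs02 control word used to run L2
 * from the vmcs12 controls requested by L1. Only the three bits relevant to
 * CR8 are modelled. enforce=false models the behaviour the advisory describes;
 * enforce=true models the invariant a fixed kernel has to keep.
 */
static uint32_t vmcs02_controls(uint32_t vmcs12, bool enforce)
{
    uint32_t exec = vmcs12 & (CPU_BASED_TPR_SHADOW | CR8_EXITING);

    /* Without a TPR shadow, every CR8 access by L2 must exit to L0. */
    if (enforce && !(exec & CPU_BASED_TPR_SHADOW))
        exec |= CR8_EXITING;
    return exec;
}

/* Invariant check: L2 must never reach the hardware CR8 register directly. */
static bool cr8_is_protected(uint32_t vmcs02)
{
    if (vmcs02 & CPU_BASED_TPR_SHADOW)
        return true;                     /* CR8 accesses go to the shadow TPR */
    return (vmcs02 & CR8_EXITING) == CR8_EXITING;
}

int main(void)
{
    /* Constructed vmcs12 control words that L1 might request for L2. */
    const uint32_t cases[] = { 0, CPU_BASED_CR8_LOAD_EXITING,
                               CR8_EXITING, CPU_BASED_TPR_SHADOW };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("vmcs12=0x%08x unenforced=%s enforced=%s\n", (unsigned)cases[i],
               cr8_is_protected(vmcs02_controls(cases[i], false)) ? "ok" : "EXPOSED",
               cr8_is_protected(vmcs02_controls(cases[i], true)) ? "ok" : "EXPOSED");
    return 0;
}
```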

Fix


Related identifiers

ALT-PU-2017-2337
ALT-PU-2017-2375
ALT-PU-2017-2378
ALT-PU-2017-2379
ALT-PU-2018-1991
CESA-2018_1062
CVE-2017-12154
DLA-1099-1
DSA-3981-1
MGASA-2017-0381
MGASA-2017-0383
MGASA-2017-0384
MGASA-2017-0386
MGASA-2017-0387
MGASA-2017-0388
OPENSUSE-SU-2017_2739-1
OPENSUSE-SU-2017_2741-1
RHSA-2018:0676
RHSA-2018:1062
RHSA-2018_0676
RHSA-2018_1062
RHSA-2019:1946
SUSE-SU-2017:2847-1
SUSE-SU-2017:2869-1
SUSE-SU-2017:2908-1
SUSE-SU-2017:2920-1
SUSE-SU-2017:2956-1
USN-3469-1
USN-3469-2
USN-3487-1
USN-3698-1
USN-3698-2

Affected products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu