CVE-2018-10901

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel's KVM virtualization subsystem (affected versions not specified)

Description A flaw in the Linux kernel's KVM virtualization subsystem is related to inadequate access control. The issue is caused by the VMX code not restoring the GDT.LIMIT to the previous host value, instead setting it to 64KB. This allows a host's userspace code to place malicious entries in the GDT, particularly in the per-cpu variables, potentially enabling an attacker to escalate their privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-665CWE-264

Related Identifiers

BDU:2019-00183

CESA-2018_2390

CVE-2018-10901

RHSA-2018:2390

RHSA-2018:2391

RHSA-2018:2392

RHSA-2018:2393

RHSA-2018:2394

RHSA-2018_2390

Affected Products

Centos

Linux Kernel

Red Hat

CVE-2018-10901

Weakness Enumeration

Related Identifiers

Affected Products

References · 21