Published: 06/02/2017 Updated: 12/02/2023

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.4 | Impact Score: 5.9 | Exploitability Score: 2.5

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel prior to 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts CVE-2016-6786 / CVE-2016-6787 It was discovered that the performance events subsystem does not properly manage locks during certain migrations, allowing a local attacker to escalate privileg ...

Several security issues were fixed in the Linux kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the Linux kernel ...

Several security issues were fixed in the kernel ...

Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error The error could occur while loading values into the SS register in long mode A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privilege ...

The Linux kernel > 36-rc1, when built with Kernel-based Virtual Machine (CONFIG_KVM) support, is vulnerable to an incorrect segment selector (SS) value error It could occur loading values into SS register in long mode A user/process inside a guest host could use this flaw to crash the guest, resulting in denial of service, or potentially esca ...

NVD-CWE-noinfo https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3 https://bugzilla.redhat.com/show_bug.cgi?id=1414735 http://www.openwall.com/lists/oss-security/2017/01/19/2 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3 http://www.securityfocus.com/bid/95673 http://www.debian.org/security/2017/dsa-3791 https://access.redhat.com/errata/RHSA-2017:1616 https://access.redhat.com/errata/RHSA-2017:1615 https://usn.ubuntu.com/3754-1/https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2017:1615 https://usn.ubuntu.com/3754-1/https://www.debian.org/security/./dsa-3791

CVE-2017-2583

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect