4.6
CVSSv2

CVE-2018-1087

Published: 15/05/2018 Updated: 09/10/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

kernel KVM prior to kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.

Vulnerability Trend

Vendor Advisories

Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services for SAP Sol ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Synopsis Important: redhat-virtualization-host bug fix and enhancement update Type/Severity Security Advisory: Important Topic Updated redhat-virtualization-host packages that fix several bugs and add various enhancements are now available Description The redhat-virtualization-host package ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Synopsis Important: rhev-hypervisor7 security update Type/Severity Security Advisory: Important Topic An update for rhev-hypervisor7 is now available for RHEV 3X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 6 and RHEV 3X Hypervisor and Agents Extended Lifecycle Support for ...
Synopsis Important: redhat-virtualization-host security update Type/Severity Security Advisory: Important Topic An update for redhat-virtualization-host is now available for RHEV 3X Hypervisor and Agents Extended Lifecycle Support for Red Hat Enterprise Linux 7Red Hat Product Security has rated this updat ...
Several security issues were fixed in the Linux kernel ...
A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed An unprivile ...
A weakness was found in the Linux kernel's implementation of random seed data Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated (CVE-2018-1108 ) A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructio ...
A weakness was found in the Linux kernel's implementation of random seed data Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated (CVE-2018-1108 ) A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructio ...
Oracle Linux Bulletin - April 2018 Description The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin Oracle Linux Bulletins are published on the same day as Oracle Critical P ...
Oracle VM Server for x86 Bulletin - April 2018 Description The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the release of the bulletin Oracle VM Server for x86 Bulletins are publi ...
Multiple security vulnerabilities have been identified and fixed in the IBM Security Privileged Identity Manager Appliance ...
IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks ...

Github Repositories

Scripts to install and execute the Vuls vulnerability scanner running RHEL/CentOS on AWS EC2

rhel-centos-ec2-vuls Installation and execution scripts of the Vuls vulnerability scanner (vulsio) for RHEL/CentOS on AWS EC2 Description Vuls is an open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc Use these scripts to install Vuls and run vulnerability scans on your RHEL/CentOS instance on AWS EC2 Files instal