CVE-2018-18021

Published: 07/10/2018 Updated: 03/04/2019
CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 320
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Summary

arch/arm64/kvm/guest.c in KVM in the Linux kernel prior to 4.18.12 on the arm64 platform mishandles the KVM_SET_ONE_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.

Vulnerable Product

linux linux kernel

debian debian linux 9.0

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

Vendor Advisories

Synopsis: Important: kernel-alt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-15471 (XSA-270): Felix Wilhelm of Google Project Zero discovered a flaw in the hash handling of the xen-netback Linux kernel module. A malicious or buggy frontend may cause the (usual ...
Several security issues were fixed in the Linux kernel ...
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task (CVE-2018-17972). A vulnerability was discovered in the Linux kernel that allow ...
A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and redirect execution elsewhere within the hype ...