Описание
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- ExploitMailing ListPatchThird Party Advisory
- Vendor Advisory
- Permissions Required
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
3.3 Low
CVSS3
1.9 Low
CVSS2
Дефекты
Связанные уязвимости
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux ...
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that reads a 16-bit value.
ELSA-2015-3012: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)
EPSS
3.3 Low
CVSS3
1.9 Low
CVSS2