Описание
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
Ссылки
- PatchVendor Advisory
- Release Notes
- Mailing ListPatch
- Third Party AdvisoryVDB Entry
- Issue Tracking
- PatchVendor Advisory
- PatchVendor Advisory
- Release Notes
- Mailing ListPatch
- Third Party AdvisoryVDB Entry
- Issue Tracking
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
Связанные уязвимости
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does ...
KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.
EPSS
7.8 High
CVSS3
6.9 Medium
CVSS2