Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-12188

Опубликовано: 11 окт. 2017
Источник: nvd
CVSS3: 7.8
CVSS2: 6.9
EPSS Низкий

Описание

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.6 (включая) до 4.9.57 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.10 (включая) до 4.13.8 (исключая)

EPSS

Процентиль: 17%
0.00055
Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-121
CWE-22

Связанные уязвимости

ubuntu логотип

CVE-2017-12188

CVSS3: 7.8
ubuntu
около 8 лет назад

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."

redhat логотип

CVE-2017-12188

CVSS3: 7.6
redhat
около 8 лет назад

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."

debian логотип

CVE-2017-12188

CVSS3: 7.8
debian
около 8 лет назад

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested vir ...

github логотип

GHSA-q7q6-h2q3-86p9

CVSS3: 7.8
github
больше 3 лет назад

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."

oracle-oval логотип

ELSA-2018-0395

oracle-oval
больше 7 лет назад

ELSA-2018-0395: kernel security and bug fix update (IMPORTANT)

EPSS

Процентиль: 17%
0.00055
Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-121
CWE-22