Описание
Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2018-08-22 (исключая)
cpe:2.3:a:google:gvisor:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.
EPSS
Процентиль: 16%
0.0005
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20