Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5540

Опубликовано: 24 фев. 2020
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2020-5540: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.14.35-1902.10.8]

  • KVM: nVMX: Check IO instruction VM-exit conditions (Oliver Upton) [Orabug: 30847136] {CVE-2020-2732}
  • KVM: nVMX: Refactor IO bitmap checks into helper function (Oliver Upton) [Orabug: 30847136] {CVE-2020-2732}
  • KVM: nVMX: Dont emulate instructions in guest mode (Paolo Bonzini) [Orabug: 30847136] {CVE-2020-2732}

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

4.14.35-1902.10.8.el7uek

kernel-uek-debug

4.14.35-1902.10.8.el7uek

kernel-uek-debug-devel

4.14.35-1902.10.8.el7uek

kernel-uek-devel

4.14.35-1902.10.8.el7uek

kernel-uek-headers

4.14.35-1902.10.8.el7uek

kernel-uek-tools

4.14.35-1902.10.8.el7uek

kernel-uek-tools-libs

4.14.35-1902.10.8.el7uek

kernel-uek-tools-libs-devel

4.14.35-1902.10.8.el7uek

perf

4.14.35-1902.10.8.el7uek

python-perf

4.14.35-1902.10.8.el7uek

Oracle Linux x86_64

kernel-uek

4.14.35-1902.10.8.el7uek

kernel-uek-debug

4.14.35-1902.10.8.el7uek

kernel-uek-debug-devel

4.14.35-1902.10.8.el7uek

kernel-uek-devel

4.14.35-1902.10.8.el7uek

kernel-uek-doc

4.14.35-1902.10.8.el7uek

kernel-uek-tools

4.14.35-1902.10.8.el7uek

Связанные CVE

CVE-2020-2732

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2020-2732

CVSS3: 5.8
ubuntu
около 5 лет назад

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.

redhat логотип

CVE-2020-2732

CVSS3: 5.8
redhat
больше 5 лет назад

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.

nvd логотип

CVE-2020-2732

CVSS3: 5.8
nvd
около 5 лет назад

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.

debian логотип

CVE-2020-2732

CVSS3: 5.8
debian
около 5 лет назад

A flaw was discovered in the way that the KVM hypervisor handled instr ...

github логотип

GHSA-pqrp-hrrg-q69p

github
около 3 лет назад

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.