Описание
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
Отчет
This issue requires unprivileged users to have access to '/dev/kvm' device. So restricting access to '/dev/kvm' device to known trusted users could limit its exploitation by untrusted users/processes.
Меры по смягчению последствий
Restrict access to the '/dev/kvm' device to trusted users.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Affected | ||
| Red Hat Enterprise MRG 2 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2019:4256 | 17.12.2019 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2019:3978 | 26.11.2019 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2019:3979 | 26.11.2019 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2019:4154 | 10.12.2019 |
| Red Hat Enterprise Linux 7 | kpatch-patch | Fixed | RHSA-2020:0027 | 06.01.2020 |
| Red Hat Enterprise Linux 7.6 Extended Update Support | kernel | Fixed | RHSA-2020:2851 | 07.07.2020 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2019:3309 | 05.11.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
7 High
CVSS3
Связанные уязвимости
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
An out-of-bounds access issue was found in the Linux kernel, all versi ...
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
ELSA-2019-4800: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
7 High
CVSS3