Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-16882

Опубликовано: 03 янв. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 7.2
CVSS3: 8.8

Описание

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

РелизСтатусПримечание
bionic

released

4.15.0-44.47
cosmic

released

4.18.0-14.15
devel

not-affected

4.19.0-12.13
esm-infra-legacy/trusty

not-affected

3.11.0-12.19
esm-infra/bionic

released

4.15.0-44.47
esm-infra/xenial

not-affected

4.2.0-16.19
precise/esm

not-affected

3.0.0-12.20
trusty

not-affected

3.11.0-12.19
trusty/esm

not-affected

3.11.0-12.19
upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1032.34
cosmic

released

4.18.0-1008.10
devel

not-affected

4.18.0-1008.10
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

released

4.15.0-1032.34
esm-infra/xenial

not-affected

4.4.0-1001.10
precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2
upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

released

4.15.0-1032.34~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

released

4.15.0-1032.34~16.04.1

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1037.39
cosmic

released

4.18.0-1008.8
devel

not-affected

4.18.0-1008.8
esm-infra-legacy/trusty

released

4.15.0-1037.39~14.04.2
esm-infra/bionic

released

4.15.0-1037.39
esm-infra/xenial

released

4.15.0-1037.39~16.04.1
precise/esm

DNE

trusty

released

4.15.0-1037.39~14.04.2
trusty/esm

released

4.15.0-1037.39~14.04.2
upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1037.39
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1037.39
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

released

4.15.0-1037.39~16.04.1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

not-affected

4.4.0-9019.20

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.20
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1027.28
cosmic

released

4.18.0-1006.7
devel

not-affected

4.18.0-1006.7
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1027.28
esm-infra/xenial

released

4.15.0-1027.28~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1006.7~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1006.7~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.20
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-14.15~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-14.15~18.04.1
esm-infra/xenial

released

4.15.0-45.48~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

not-affected

5.0.0-8.9~18.04.1
cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

5.0.0-8.9~18.04.1
esm-infra/xenial

released

4.15.0-45.48~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1029.29
cosmic

released

4.18.0-1007.7
devel

not-affected

4.18.0-1007.7
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1029.29
esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

3.13.0-24.46~precise1
trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.20
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.20
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1033.38
cosmic

released

4.15.0-1033.38
devel

not-affected

4.15.0-1033.38
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1033.38
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

ignored

end of standard support, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1008.10
cosmic

not-affected

devel

not-affected

4.15.0-1008.10
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1008.10
esm-infra/xenial

released

4.15.0-1008.10~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1031.33
cosmic

released

4.18.0-1009.11
devel

not-affected

4.18.0-1009.11
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

not-affected

4.2.0-1013.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

not-affected

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.20
xenial

not-affected

4.4.0-1012.12

Показывать по

Ссылки на источники

7.2 High

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-16882

CVSS3: 7.5
redhat
почти 7 лет назад

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

nvd логотип

CVE-2018-16882

CVSS3: 8.8
nvd
почти 7 лет назад

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

debian логотип

CVE-2018-16882

CVSS3: 8.8
debian
почти 7 лет назад

A use-after-free issue was found in the way the Linux kernel's KVM hyp ...

github логотип

GHSA-4wh7-45g5-wcc8

CVSS3: 8.8
github
больше 3 лет назад

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

fstec логотип

BDU:2019-03248

CVSS3: 8.8
fstec
почти 7 лет назад

Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании

7.2 High

CVSS2

8.8 High

CVSS3