Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-3887

Опубликовано: 09 апр. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 4.7
CVSS3: 5.6

Описание

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

РелизСтатусПримечание
bionic

not-affected

4.13.0-16.19
cosmic

released

4.18.0-20.21
devel

released

5.0.0-15.16
disco

released

5.0.0-15.16
esm-infra-legacy/trusty

not-affected

3.11.0-12.19
esm-infra/bionic

not-affected

4.13.0-16.19
esm-infra/xenial

not-affected

4.2.0-16.19
precise/esm

not-affected

3.0.0-12.20
trusty

not-affected

3.11.0-12.19
trusty/esm

not-affected

3.11.0-12.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

released

4.18.0-1016.18
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.4.0-1001.10
precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.15.0-1030.31~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1018.18~18.04.1
cosmic

released

4.18.0-1018.18
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

released

4.18.0-1018.18~18.04.1
esm-infra/xenial

not-affected

4.11.0-1009.9
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1018.18~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1018.18~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

released

4.18.0-1011.12
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.10.0-1004.4
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1011.12~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1011.12~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-20.21~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-20.21~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

5.0.0-15.16~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

5.0.0-15.16~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

released

4.18.0-1012.12
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

3.13.0-24.46~precise1
trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.3
cosmic

not-affected

4.15.0-1004.5
devel

not-affected

4.15.0-1035.40
disco

not-affected

4.15.0-1021.24
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.3
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1007.9
cosmic

not-affected

4.15.0-1007.9
devel

not-affected

4.15.0-1011.13
disco

not-affected

4.15.0-1007.9
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1007.9
esm-infra/xenial

not-affected

4.15.0-1007.9~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.13.0-1005.5
cosmic

released

4.18.0-1014.16
devel

released

5.0.0-1008.8
disco

released

5.0.0-1008.8
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

not-affected

4.2.0-1013.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.4.0-1077.82
cosmic

DNE

devel

released

5.0.0-1012.12
disco

released

5.0.0-1012.12
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

not-affected

4.4.0-1012.12

Показывать по

Ссылки на источники

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-3887

CVSS3: 6.7
redhat
больше 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

nvd логотип

CVE-2019-3887

CVSS3: 5.6
nvd
больше 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

msrc логотип

CVE-2019-3887

CVSS3: 5.6
msrc
больше 5 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that L1 guest could access L0's APIC register values via L2 guest when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

debian логотип

CVE-2019-3887

CVSS3: 5.6
debian
больше 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Spec ...

github логотип

GHSA-j2cm-6mgm-v7v4

CVSS3: 5.6
github
больше 3 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Уязвимость CVE-2019-3887