Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-3887

Опубликовано: 09 апр. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.7
CVSS3: 5.6

Описание

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

РелизСтатусПримечание
bionic

not-affected

4.13.0-16.19
cosmic

released

4.18.0-20.21
devel

released

5.0.0-15.16
disco

released

5.0.0-15.16
esm-infra-legacy/trusty

not-affected

3.11.0-12.19
esm-infra/bionic

not-affected

4.13.0-16.19
esm-infra/xenial

not-affected

4.2.0-16.19
precise/esm

not-affected

3.0.0-12.20
trusty

not-affected

3.11.0-12.19
trusty/esm

not-affected

3.11.0-12.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

released

4.18.0-1016.18
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.4.0-1001.10
precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

4.15.0-1030.31~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1018.18~18.04.1
cosmic

released

4.18.0-1018.18
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

released

4.18.0-1018.18~18.04.1
esm-infra/xenial

not-affected

4.11.0-1009.9
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1018.18~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1018.18~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1001.1
cosmic

released

4.18.0-1011.12
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.10.0-1004.4
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1011.12~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1011.12~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-20.21~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-20.21~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

5.0.0-15.16~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

5.0.0-15.16~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.2
cosmic

released

4.18.0-1012.12
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

3.13.0-24.46~precise1
trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc4
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1002.3
cosmic

not-affected

4.15.0-1004.5
devel

not-affected

4.15.0-1035.40
disco

not-affected

4.15.0-1021.24
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.3
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.15.0-1007.9
cosmic

not-affected

4.15.0-1007.9
devel

not-affected

4.15.0-1011.13
disco

not-affected

4.15.0-1007.9
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1007.9
esm-infra/xenial

not-affected

4.15.0-1007.9~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.13.0-1005.5
cosmic

released

4.18.0-1014.16
devel

released

5.0.0-1008.8
disco

released

5.0.0-1008.8
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

not-affected

4.2.0-1013.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.4.0-1077.82
cosmic

DNE

devel

released

5.0.0-1012.12
disco

released

5.0.0-1012.12
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc4
xenial

not-affected

4.4.0-1012.12

Показывать по

Ссылки на источники

EPSS

Процентиль: 7%
0.00028
Низкий

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-3887

CVSS3: 6.7
redhat
больше 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

nvd логотип

CVE-2019-3887

CVSS3: 5.6
nvd
больше 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

msrc логотип

CVE-2019-3887

CVSS3: 5.6
msrc
около 5 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that L1 guest could access L0's APIC register values via L2 guest when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

debian логотип

CVE-2019-3887

CVSS3: 5.6
debian
больше 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Spec ...

github логотип

GHSA-j2cm-6mgm-v7v4

CVSS3: 5.6
github
больше 3 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

EPSS

Процентиль: 7%
0.00028
Низкий

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Уязвимость CVE-2019-3887