CVE-2019-3887

Опубликовано: 09 апр. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 4.7

CVSS3: 5.6

Описание

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

Релиз	Статус	Примечание
bionic	not-affected	4.13.0-16.19
cosmic	released	4.18.0-20.21
devel	released	5.0.0-15.16
disco	released	5.0.0-15.16
esm-infra-legacy/trusty	not-affected	3.11.0-12.19
esm-infra/bionic	not-affected	4.13.0-16.19
esm-infra/xenial	not-affected	4.2.0-16.19
precise/esm	not-affected	3.0.0-12.20
trusty	not-affected	3.11.0-12.19
trusty/esm	not-affected	3.11.0-12.19

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1001.1
cosmic	released	4.18.0-1016.18
devel	released	5.0.0-1006.6
disco	released	5.0.0-1006.6
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/bionic	not-affected	4.15.0-1001.1
esm-infra/xenial	not-affected	4.4.0-1001.10
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.15.0-1030.31~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	released	4.18.0-1018.18~18.04.1
cosmic	released	4.18.0-1018.18
devel	released	5.0.0-1006.6
disco	released	5.0.0-1006.6
esm-infra-legacy/trusty	not-affected	4.15.0-1023.24~14.04.1
esm-infra/bionic	not-affected	4.18.0-1018.18~18.04.1
esm-infra/xenial	not-affected	4.11.0-1009.9
precise/esm	DNE
trusty	not-affected	4.15.0-1023.24~14.04.1
trusty/esm	not-affected	4.15.0-1023.24~14.04.1

Показывать по

Релиз	Статус	Примечание
bionic	released	4.18.0-1018.18~18.04.1
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-1018.18~18.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1001.1
cosmic	released	4.18.0-1011.12
devel	released	5.0.0-1006.6
disco	released	5.0.0-1006.6
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1001.1
esm-infra/xenial	not-affected	4.10.0-1004.4
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
bionic	released	4.18.0-1011.12~18.04.1
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-1011.12~18.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	released	4.18.0-20.21~18.04.1
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-20.21~18.04.1
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	5.0.0-15.16~18.04.1
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	5.0.0-15.16~18.04.1
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1002.2
cosmic	released	4.18.0-1012.12
devel	released	5.0.0-1006.6
disco	released	5.0.0-1006.6
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1004.9
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE
precise/esm	not-affected	3.13.0-24.46~precise1
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was ignored]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	ignored	end of life, was ignored
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was ignored]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	ignored	end of life, was ignored
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was ignored [end of life, was ignored]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	ignored	end of life, was ignored
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc4
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1002.3
cosmic	not-affected	4.15.0-1004.5
devel	not-affected	4.15.0-1035.40
disco	not-affected	4.15.0-1021.24
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1002.3
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1007.9
cosmic	not-affected	4.15.0-1007.9
devel	not-affected	4.15.0-1011.13
disco	not-affected	4.15.0-1007.9
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1007.9
esm-infra/xenial	not-affected	4.15.0-1007.9~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.13.0-1005.5
cosmic	released	4.18.0-1014.16
devel	released	5.0.0-1008.8
disco	released	5.0.0-1008.8
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4
xenial	not-affected	4.2.0-1013.19

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.4.0-1077.82
cosmic	DNE
devel	released	5.0.0-1012.12
disco	released	5.0.0-1012.12
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc4
xenial	not-affected	4.4.0-1012.12

Показывать по

Ссылки на источники

4.7 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

CVE-2019-3887

CVSS3: 6.7

redhat

около 6 лет назад

CVE-2019-3887

CVSS3: 5.6

nvd

около 6 лет назад

CVE-2019-3887

CVSS3: 5.6

debian

около 6 лет назад

A flaw was found in the way KVM hypervisor handled x2APIC Machine Spec ...

GHSA-j2cm-6mgm-v7v4

CVSS3: 5.6

github

около 3 лет назад

BDU:2019-02958

CVSS3: 5.6

fstec

около 6 лет назад

Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

4.7 Medium

CVSS2

5.6 Medium

CVSS3

CVE-2019-3887

Описание

Пакет linux

Пакет linux-aws

Пакет linux-aws-hwe

Пакет linux-azure

Пакет linux-azure-edge

Пакет linux-euclid

Пакет linux-flo

Пакет linux-gcp

Пакет linux-gcp-edge

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-kvm

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-oem

Пакет linux-oracle

Пакет linux-raspi2

Пакет linux-snapdragon

Ссылки на источники

Связанные уязвимости