CVE-2017-12154 — HIGH (7.1)

Q: How severe is CVE-2017-12154?

CVE-2017-12154 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-12154?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.

Vulnerability Description

The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.

CVSS Score

7.1

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	<= 4.13.3

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68Issue TrackingPatchThird Party Advisory
http://www.debian.org/security/2017/dsa-3981
http://www.securityfocus.com/bid/100856Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2019:1946
https://bugzilla.redhat.com/show_bug.cgi?id=1491224Issue TrackingPatchThird Party Advisory
https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94Issue TrackingPatchThird Party Advisory
https://usn.ubuntu.com/3698-1/
https://usn.ubuntu.com/3698-2/
https://www.spinics.net/lists/kvm/msg155414.htmlMailing ListPatchThird Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68Issue TrackingPatchThird Party Advisory
http://www.debian.org/security/2017/dsa-3981
http://www.securityfocus.com/bid/100856Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:0676

FAQ

What is CVE-2017-12154?

CVE-2017-12154 is a vulnerability with a CVSS score of 7.1 (HIGH). The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omit...

How severe is CVE-2017-12154?

CVE-2017-12154 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-12154?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.