Vulnerability Description
arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | <= 4.9.3 |
Related Weaknesses (CWE)
References
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=129a72
- http://www.debian.org/security/2017/dsa-3791
- http://www.openwall.com/lists/oss-security/2017/01/13/7
- http://www.securityfocus.com/bid/95430
- http://www.securitytracker.com/id/1037603
- https://bugzilla.redhat.com/show_bug.cgi?id=1413001
- https://github.com/torvalds/linux/commit/129a72a0d3c8e139a04512325384fe5ac119e74
- https://usn.ubuntu.com/3754-1/
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=129a72
- http://www.debian.org/security/2017/dsa-3791
- http://www.openwall.com/lists/oss-security/2017/01/13/7
- http://www.securityfocus.com/bid/95430
- http://www.securitytracker.com/id/1037603
- https://bugzilla.redhat.com/show_bug.cgi?id=1413001
- https://github.com/torvalds/linux/commit/129a72a0d3c8e139a04512325384fe5ac119e74
FAQ
What is CVE-2017-2584?
CVE-2017-2584 is a vulnerability with a CVSS score of 7.1 (HIGH). arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application t...
How severe is CVE-2017-2584?
CVE-2017-2584 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-2584?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.