CVE-2017-7518 — MEDIUM (5.5)

Q: How severe is CVE-2017-7518?

CVE-2017-7518 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-7518?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.

Vulnerability Description

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Redhat	Enterprise Linux	7.0
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.4
Redhat	Enterprise Linux Server Eus	7.4
Redhat	Enterprise Linux Workstation	7.0
Canonical	Ubuntu Linux	14.04
Debian	Debian Linux	8.0
Linux	Linux Kernel	< 4.12

Related Weaknesses (CWE)

CWE-250 CWE-755

References

http://www.openwall.com/lists/oss-security/2017/06/23/5Mailing ListPatchThird Party Advisory
http://www.securityfocus.com/bid/99263Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1038782Third Party AdvisoryVDB Entry
https://access.redhat.com/articles/3290921Permissions RequiredThird Party Advisory
https://access.redhat.com/errata/RHSA-2018:0395Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0412Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518Issue TrackingPatchThird Party Advisory
https://usn.ubuntu.com/3619-1/Third Party Advisory
https://usn.ubuntu.com/3619-2/Third Party Advisory
https://usn.ubuntu.com/3754-1/Third Party Advisory
https://www.debian.org/security/2017/dsa-3981Third Party Advisory
https://www.spinics.net/lists/kvm/msg151817.htmlMailing ListPatch
http://www.openwall.com/lists/oss-security/2017/06/23/5Mailing ListPatchThird Party Advisory
http://www.securityfocus.com/bid/99263Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1038782Third Party AdvisoryVDB Entry

FAQ

What is CVE-2017-7518?

CVE-2017-7518 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug excepti...

How severe is CVE-2017-7518?

CVE-2017-7518 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-7518?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.