CVE-2020-2732 — MEDIUM (5.8)

Vulnerability Description

A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.

CVSS Score

5.8

MEDIUM

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Redhat	Enterprise Linux	7.0

Related Weaknesses (CWE)

CWE-200

References

https://bugzilla.redhat.com/show_bug.cgi?id=1805135Issue TrackingThird Party Advisory
https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ecPatchThird Party Advisory
https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75cPatchThird Party Advisory
https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020dPatchThird Party Advisory
https://linux.oracle.com/errata/ELSA-2020-5540.htmlThird Party Advisory
https://linux.oracle.com/errata/ELSA-2020-5542.htmlThird Party Advisory
https://linux.oracle.com/errata/ELSA-2020-5543.htmlThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
https://www.debian.org/security/2020/dsa-4667
https://www.debian.org/security/2020/dsa-4698
https://www.openwall.com/lists/oss-security/2020/02/25/3Mailing ListThird Party Advisory
https://www.spinics.net/lists/kvm/msg208259.htmlPatchThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1805135Issue TrackingThird Party Advisory

FAQ

What is CVE-2020-2732?

CVE-2020-2732 is a vulnerability with a CVSS score of 5.8 (MEDIUM). A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 gue...

How severe is CVE-2020-2732?

CVE-2020-2732 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-2732?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux.