CVE-2017-7518

CVSS v3.0 7.8 (High)

CVSS v2.0 4.6 (Medium)

EPSS 0.06 % (28^th)

Affected Products 9

Advisories 12

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.

Weaknesses

CWE-250: Execution with Unnecessary Privileges
CWE-755: Improper Handling of Exceptional Conditions

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2018-07-30 15:29:00
(6 years ago)
Updated Date: 2023-11-07 02:50:11
(10 months ago)

Affected Products

Redhat

Configuration #1

		CPE23	From	Up To
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
	Redhat Enterprise Linux Server Eus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
	Redhat Enterprise Linux Server Eus 7.5	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0

Configuration #3

		CPE23	From	Up To
	Linux Kernel prior 4.12 version	cpe:2.3:o:linux:linux_kernel		< 4.12

Weaknesses

Affected Products

Canonical

Debian

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3