1. Home
  2. Vulnerabilities
  3. CVE-2018-1087

CVE-2018-1087

CVSS v3.0 7.8 (High)
78% Progress
CVSS v2.0 4.6 (Medium)
46% Progress
EPSS 0.06 % (28th)
0.06% Progress
Affected Products 11
Advisories 38
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.

Weaknesses
CWE-250
Execution with Unnecessary Privileges
CWE-NVD-noinfo
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2018-05-15 16:29:00
(6 years ago)
Updated Date
2019-10-09 23:38:05
(5 years ago)

Affected Products

Canonical

Debian

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel 4.16 cpe:2.3:o:linux:linux_kernel:4.16
  Linux Kernel 4.16 Rc7 cpe:2.3:o:linux:linux_kernel:4.16:rc7
  Linux Kernel 4.17 Rc1 cpe:2.3:o:linux:linux_kernel:4.17:rc1
  Linux Kernel 4.17 Rc2 cpe:2.3:o:linux:linux_kernel:4.17:rc2
  Linux Kernel 4.17 Rc3 cpe:2.3:o:linux:linux_kernel:4.17:rc3

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 17.10 cpe:2.3:o:canonical:ubuntu_linux:17.10

Configuration #3

    CPE23 From Up To
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0

Configuration #4

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux Desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0
  Redhat Enterprise Linux Server Aus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2
  Redhat Enterprise Linux Server Aus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
  Redhat Enterprise Linux Server Aus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
  Redhat Enterprise Linux Server Eus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
  Redhat Enterprise Linux Server Eus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
  Redhat Enterprise Linux Server Eus 7.5 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  Redhat Enterprise Linux Server Tus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2
  Redhat Enterprise Linux Server Tus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
  Redhat Enterprise Linux Server Tus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
  Redhat Enterprise Linux Virtualization 4.0 cpe:2.3:o:redhat:enterprise_linux_virtualization:4.0
  Redhat Enterprise Linux Workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0