1. Home
  2. Vulnerabilities
  3. CVE-2018-18021

CVE-2018-18021

CVSS v3.0 7.1 (High)
71% Progress
CVSS v2.0 3.6 (Low)
36% Progress
EPSS 0.06 % (28th)
0.06% Progress
Affected Products 3
Advisories 10
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.

Weaknesses
CWE-20
Improper Input Validation
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2018-10-07 06:29:00
(6 years ago)
Updated Date
2019-04-03 01:29:03
(5 years ago)

Affected Products

Canonical

Debian

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 4.18.12 version cpe:2.3:o:linux:linux_kernel < 4.18.12

Configuration #2

    CPE23 From Up To
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts