CVE-2019-3887

CVSS v3.1 5.6 (Medium)

CVSS v2.0 4.7 (Medium)

EPSS 0.05 % (21^th)

Affected Products 11

Advisories 9

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

Weaknesses

CWE-863: Incorrect Authorization

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2019-04-09 16:29:01
(5 years ago)
Updated Date: 2023-02-12 23:38:42
(19 months ago)

Affected Products

Redhat

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 4.16 version	cpe:2.3:o:linux:linux_kernel	>= 4.16

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 29	cpe:2.3:o:fedoraproject:fedora:29

Configuration #3

		CPE23	From	Up To
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 18.10	cpe:2.3:o:canonical:ubuntu_linux:18.10
	Canonical Ubuntu Linux 19.04	cpe:2.3:o:canonical:ubuntu_linux:19.04

Configuration #4

		CPE23	From	Up To
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0
	Redhat Enterprise Linux Eus 8.1	cpe:2.3:o:redhat:enterprise_linux_eus:8.1
	Redhat Enterprise Linux Eus 8.2	cpe:2.3:o:redhat:enterprise_linux_eus:8.2
	Redhat Enterprise Linux Eus 8.4	cpe:2.3:o:redhat:enterprise_linux_eus:8.4
	Redhat Enterprise Linux for Real Time 8	cpe:2.3:o:redhat:enterprise_linux_for_real_time:8
	Redhat Enterprise Linux for Real Time For Nfv 8	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8
	Redhat Enterprise Linux for Real Time For Nfv Tus 8.2	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2
	Redhat Enterprise Linux for Real Time For Nfv Tus 8.4	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4
	Redhat Enterprise Linux for Real Time Tus 8.2	cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2
	Redhat Enterprise Linux for Real Time Tus 8.4	cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4
	Redhat Enterprise Linux Server Aus 8.2	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2
	Redhat Enterprise Linux Server Aus 8.4	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4
	Redhat Enterprise Linux Server Tus 8.2	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2
	Redhat Enterprise Linux Server Tus 8.4	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4

Weaknesses

Affected Products

Canonical

Fedoraproject

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3

Configuration #4