Errata ALT-PU-2017-2381-1: Information
Package name: kernel-image-std-def
Version: 4.9.53-alt0.M80P.1
Bulletin updated: Oct. 6, 2017
Task: #190303
Fixes
Published: Sept. 26, 2017
Modified: Oct. 3, 2019
Modified: Oct. 3, 2019
CVE-2017-1000252
The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://github.com/torvalds/linux/commit/3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb
- https://github.com/torvalds/linux/commit/36ae3c0a36b7456432fedce38ae2f7bd3e01a563
- https://bugzilla.redhat.com/show_bug.cgi?id=1490781
- http://www.openwall.com/lists/oss-security/2017/09/15/4
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563
- https://marc.info/?l=kvm&m=150549146311117&w=2
- https://marc.info/?l=kvm&m=150549145711115&w=2
- 101022
- DSA-3981
- RHSA-2018:1062
- RHSA-2018:0676
- RHSA-2018:1130
Published: Sept. 21, 2017
Modified: Oct. 10, 2019
Modified: Oct. 10, 2019
CVE-2017-12153
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.
Severity: MEDIUM (4.4) Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888
- https://bugzilla.redhat.com/show_bug.cgi?id=1491046
- https://bugzilla.novell.com/show_bug.cgi?id=1058410
- http://seclists.org/oss-sec/2017/q3/437
- https://marc.info/?t=150525503100001&r=1&w=2
- 100855
- DSA-3981
- USN-3583-2
- USN-3583-1
Published: Sept. 26, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-12154
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.
Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Links:
- https://www.spinics.net/lists/kvm/msg155414.html
- https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f
- https://bugzilla.redhat.com/show_bug.cgi?id=1491224
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f
- 100856
- DSA-3981
- RHSA-2018:1062
- RHSA-2018:0676
- USN-3698-2
- USN-3698-1
- RHSA-2019:1946