CVE-2017-12188 Information

Description

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5 when nested virtualisation is used does not properly traverse guest pagetable entries to resolve a guest virtual address which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking and host OS crash) aka an \MMU potential stack buffer overrun.\

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/101267 https://access.redhat.com/errata/RHSA-2018:0395 https://access.redhat.com/errata/RHSA-2018:0412 https://bugzilla.redhat.com/show_bug.cgi?id=1500380 https://patchwork.kernel.org/patch/9996579/ https://patchwork.kernel.org/patch/9996587/

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8