QwikSec

Security Database

CVE

CWE

Training

CVE-2017-12154

Published: Sep 26, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.

Vendor	Product	Versions
n/a	Linux kernel through 4.13.3	affected `Linux kernel through 4.13.3`

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1491224

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_DEBIAN

https://www.spinics.net/lists/kvm/msg155414.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.