Back to search
CVE-2017-2596
Published: Feb 6, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=1417812
x_refsource_CONFIRM
[oss-security] 20170131 CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon
mailing-list
x_refsource_MLIST
95878
vdb-entry
x_refsource_BID
RHSA-2017:2077
vendor-advisory
x_refsource_REDHAT
RHSA-2017:1842
vendor-advisory
x_refsource_REDHAT
DSA-3791
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now