QwikSec

Security Database

CVE

CWE

Training

CVE-2018-18021

Published: Oct 7, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/2a3f93459d689d990b3ecfbe782fec89b97d3279

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2018/10/02/2

x_refsource_MISC

https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.12

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

https://github.com/torvalds/linux/commit/d26c25a9d19b5976b319af528886f89cf455692d

x_refsource_MISC

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2a3f93459d689d990b3ecfbe782fec89b97d3279

x_refsource_MISC

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d26c25a9d19b5976b319af528886f89cf455692d

x_refsource_MISC

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.