Bug 1527112 (CVE-2017-17741)
Summary: | CVE-2017-17741 kernel: kvm: stack-based out-of-bounds read via vmcall instruction | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | airlied, ajax, aquini, bhu, blc, bskeggs, dhoward, esammons, ewk, fhrbata, hdegoede, hkrzesin, hwkernel-mgr, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jkacur, john.j5live, jonathan, josef, jross, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, pbonzini, plougher, ppandit, rt-maint, rvrbovsk, skozina, steved, vdronov, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
Linux kernel compiled with the KVM virtualization (CONFIG_KVM) support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memory bytes.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2018-11-16 15:26:22 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1527113, 1527114 | ||
Bug Blocks: | 1527116 |
Description
Adam Mariš
2017-12-18 15:12:49 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1527113] Reproducer: Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2. This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. Fixed by upstream commit e39d200fa5bf5b94a0948db0dae44c1b73b84a56, included in Linux 4.15 |