Linux kernel built with the KVM virtualisation support (CONFIG_KVM), with the nested virtualisation (nVMX) feature enabled (nested=1), is vulnerable to a stack buffer overflow issue. It could occur while traversing guest pagetable entries to resolve a guest virtual address (gva).

An L1 guest could use this flaw to crash the host kernel, resulting in DoS, or potentially execute arbitrary code on the host to gain access to the host system.

Upstream patch:
---------------
  -> https://www.spinics.net/lists/kvm/msg156651.html

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2017/10/12/17
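
The description names two preconditions: KVM support built into the kernel (CONFIG_KVM) and nested=1. The following is an added example, not part of the original report or of any Red Hat tooling, that reports whether both hold on a host. It assumes the nested parameter is exposed by the kvm_intel module under /sys/module, and `SYSROOT` and `KCONFIG` are hypothetical overrides for checking a copied tree.

```shell
#!/bin/sh
# Added example: report whether the preconditions from the description
# (CONFIG_KVM built, nested=1) are present. It does not test for the flaw itself.

nested_state() {
    # $1 = root prefix ("" for the live host)
    p="$1/sys/module/kvm_intel/parameters/nested"
    if [ ! -r "$p" ]; then echo "not-loaded"; return 0; fi
    # The parameter reads as Y/N on some kernels and 1/0 on others.
    case "$(tr -d '[:space:]' < "$p")" in
        Y|y|1) echo "enabled" ;;
        N|n|0) echo "disabled" ;;
        *)     echo "unknown" ;;
    esac
}

kvm_built() {
    # $1 = path to the kernel config file
    [ -r "$1" ] || { echo "unknown"; return 0; }
    if grep -Eq '^CONFIG_KVM=[ym]$' "$1"; then echo "yes"; else echo "no"; fi
}

nvmx_preconditions() {
    # $1 = root prefix, $2 = kernel config path
    n=$(nested_state "$1")
    k=$(kvm_built "$2")
    # A loaded kvm_intel module implies KVM was built, so an unreadable
    # config ("unknown") does not clear the host.
    if [ "$n" = "enabled" ] && [ "$k" != "no" ]; then
        echo "present (kvm=$k nested=$n)"
    else
        echo "absent-or-unknown (kvm=$k nested=$n)"
    fi
}

# SYSROOT and KCONFIG are hypothetical overrides (assumptions of this example).
nvmx_preconditions "${SYSROOT:-}" "${KCONFIG:-/boot/config-$(uname -r)}"
```

A result of "present" means the host should be checked against the fixed kernel packages listed in the errata; where nested guests are not needed, loading kvm_intel with nested=0 removes the precondition.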
Upstream patches:
  https://patchwork.kernel.org/patch/9996579/
  https://patchwork.kernel.org/patch/9996587/
Not sure why the above statement is not in line with the whiteboard: rhel-7/kernel=affected?
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:0412 https://access.redhat.com/errata/RHSA-2018:0412
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:0395 https://access.redhat.com/errata/RHSA-2018:0395