Red Hat Bugzilla – Bug 1527112
CVE-2017-17741 kernel: kvm: stack-based out-of-bounds read via vmcall instruction
Last modified: 2018-11-16 10:26:22 EST
Linux kernel built with the KVM virtualization(CONFIG_KVM) support is vulnerable
to an out-of-bounds read access issue. It could occur when emulating vmcall instruction invoked by a guest.
A guest user/process could use this flaw to disclose kernel memory bytes.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1527113]
This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7.
This has been rated as having Low security impact and is not currently
planned to be addressed in future updates. For additional information, refer
to the Red Hat Enterprise Linux Life Cycle:
Fixed by upstream commit e39d200fa5bf5b94a0948db0dae44c1b73b84a56, included in Linux 4.15