A flaw was found in the way the Linux kernel KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check the current privilege level (CPL) while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside the guest.

Upstream patch:
---------------
  -> https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6

Issue introduced in: (kernel v4.10+)
--------------------
  -> https://git.kernel.org/linus/129a72a0d3c8e139a04512325384fe5ac119e74

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2018/09/02/1

Created kernel tracking bugs for this issue:
  Affects: fedora-all [bug 1589892]

Acknowledgments: Name: Andy Lutomirski, Mika Penttilä

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7
Via RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2029

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7
Via RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:2043

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-10853

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7.5 Extended Update Support
Via RHSA-2020:0036 https://access.redhat.com/errata/RHSA-2020:0036

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support
Via RHSA-2020:0103 https://access.redhat.com/errata/RHSA-2020:0103

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 7.6 Extended Update Support
Via RHSA-2020:0179 https://access.redhat.com/errata/RHSA-2020:0179