CVE-2018-1087
First published: Fri Apr 13 2018(Updated: )
A flaw was found in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest and/or potentially escalate their privileges in the guest. Upstream patch: --------------- -> <a href="https://git.kernel.org/linus/32d43cd391bacb5f0814c2624399a5dad3501d09">https://git.kernel.org/linus/32d43cd391bacb5f0814c2624399a5dad3501d09</a> Reference: ---------- -> <a href="http://www.openwall.com/lists/oss-security/2018/05/08/5">http://www.openwall.com/lists/oss-security/2018/05/08/5</a>
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | =4.16 | |
| Linux Linux kernel | =4.16-rc7 | |
| Linux Linux kernel | =4.17-rc1 | |
| Linux Linux kernel | =4.17-rc2 | |
| Linux Linux kernel | =4.17-rc3 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =17.10 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server Aus | =7.2 | |
| Redhat Enterprise Linux Server Aus | =7.3 | |
| Redhat Enterprise Linux Server Aus | =7.4 | |
| Redhat Enterprise Linux Server Eus | =7.3 | |
| Redhat Enterprise Linux Server Eus | =7.4 | |
| Redhat Enterprise Linux Server Eus | =7.5 | |
| Redhat Enterprise Linux Server Tus | =7.2 | |
| Redhat Enterprise Linux Server Tus | =7.3 | |
| Redhat Enterprise Linux Server Tus | =7.4 | |
| Redhat Enterprise Linux Virtualization | =4.0 | |
| Redhat Enterprise Linux Workstation | =7.0 | |
| redhat/kernel | <4.16 | 4.16 |
| debian/linux | 5.10.223-1 6.1.106-3 6.1.99-1 6.10.9-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2018/05/08/5
- http://www.securityfocus.com/bid/104127
- http://www.securitytracker.com/id/1040862
- https://access.redhat.com/errata/RHSA-2018:1318
- https://access.redhat.com/errata/RHSA-2018:1345
- https://access.redhat.com/errata/RHSA-2018:1347
- https://access.redhat.com/errata/RHSA-2018:1348
- https://access.redhat.com/errata/RHSA-2018:1355
- https://access.redhat.com/errata/RHSA-2018:1524
- https://access.redhat.com/security/vulnerabilities/pop_ss
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1087
- https://usn.ubuntu.com/3641-1/
- https://usn.ubuntu.com/3641-2/
- https://www.debian.org/security/2018/dsa-4196
- https://launchpad.net/bugs/cve/CVE-2018-1087
- https://git.kernel.org/linus/32d43cd391bacb5f0814c2624399a5dad3501d09
- https://bugzilla.redhat.com/show_bug.cgi?id=1566837
- https://www.openwall.com/lists/oss-security/2018/05/08/5
- https://security-tracker.debian.org/tracker/CVE-2018-1087
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1087
- https://nvd.nist.gov/vuln/detail/CVE-2018-1087
- https://ubuntu.com/security/CVE-2018-1087
- collector/nvd-index
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-1087
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/event
- agent/references
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/4.16
- version/linux linux kernel/4.16-rc7
- version/linux linux kernel/4.17-rc1
- version/linux linux kernel/4.17-rc2
- version/linux linux kernel/4.17-rc3
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/17.10
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.2
- version/redhat enterprise linux server aus/7.3
- version/redhat enterprise linux server aus/7.4
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/7.3
- version/redhat enterprise linux server eus/7.4
- version/redhat enterprise linux server eus/7.5
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/7.2
- version/redhat enterprise linux server tus/7.3
- version/redhat enterprise linux server tus/7.4
- canonical/redhat enterprise linux virtualization
- version/redhat enterprise linux virtualization/4.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/7.0
- package-manager/redhat
- package-manager/debian