Linux Kernel up to 4.13.3 KVM Subsystem arch/x86/kvm/vmx.c input validation

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 4.13.3 (Operating System). Affected is some unknown functionality of the file arch/x86/kvm/vmx.c of the component KVM Subsystem. Applying a patch is able to eliminate this problem. The bugfix is ready for download at git.kernel.org. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Field09/26/2017 03:11 PM11/19/2019 04:18 PM01/14/2021 01:14 PM
typeOperating SystemOperating SystemOperating System
vendorLinuxLinuxLinux
nameKernelKernelKernel
version<=4.13.3<=4.13.3<=4.13.3
componentKVM SubsystemKVM SubsystemKVM Subsystem
filearch/x86/kvm/vmx.carch/x86/kvm/vmx.carch/x86/kvm/vmx.c
cwe20 (privilege escalation)20 (privilege escalation)20 (privilege escalation)
risk111
cvss2_vuldb_basescore2.12.12.1
cvss2_vuldb_tempscore1.81.81.8
cvss2_vuldb_avLLL
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_nvd_avLLL
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciNNN
cvss2_nvd_iiNNN
cvss2_nvd_aiPPP
cvss3_meta_basescore4.44.44.4
cvss3_meta_tempscore4.24.24.2
cvss3_vuldb_basescore3.33.33.3
cvss3_vuldb_tempscore3.23.23.2
cvss3_vuldb_avLLL
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_nvd_avLLL
cvss3_nvd_acLLL
cvss3_nvd_prLLL
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cNNN
cvss3_nvd_iNNN
cvss3_nvd_aHHH
date1506384000 (09/26/2017)1506384000 (09/26/2017)1506384000 (09/26/2017)
locationGIT RepositoryGIT RepositoryGIT Repository
typeGIT CommitGIT CommitGIT Commit
urlhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563
price_0day$0-$5k$0-$5k$5k-$25k
namePatchPatchPatch
patch_urlhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563
cveCVE-2017-1000252CVE-2017-1000252CVE-2017-1000252
cve_assigned150638400015063840001506384000
cve_nvd_published150638400015063840001506384000
cve_nvd_summaryThe KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.
oval_idoval:org.cisecurity:def:3328oval:org.cisecurity:def:3328oval:org.cisecurity:def:3328
securityfocus101022101022101022
securityfocus_titleLinux Kernel CVE-2017-1000252 Multiple Local Denial of Service VulnerabilitiesLinux Kernel CVE-2017-1000252 Multiple Local Denial of Service VulnerabilitiesLinux Kernel CVE-2017-1000252 Multiple Local Denial of Service Vulnerabilities
nessus_id103365103365103365
nessus_nameDebian DSA-3981-1 : linux - security update (BlueBorne) (Stack Clash)Debian DSA-3981-1 : linux - security update (BlueBorne) (Stack Clash)Debian DSA-3981-1 : linux - security update (BlueBorne) (Stack Clash)
nessus_filenamedebian_DSA-3981.nasldebian_DSA-3981.nasldebian_DSA-3981.nasl
nessus_riskHighHighHigh
nessus_familyDebian Local Security ChecksDebian Local Security ChecksDebian Local Security Checks
nessus_typelocallocallocal
nessus_date1505952000 (09/21/2017)1505952000 (09/21/2017)1505952000 (09/21/2017)
openvas_id537545375453754
openvas_filenamedeb_3981.nasldeb_3981.nasldeb_3981.nasl
openvas_titleDebian Security Advisory DSA 3981-1 (linux - security update)Debian Security Advisory DSA 3981-1 (linux - security update)Debian Security Advisory DSA 3981-1 (linux - security update)
openvas_familyDebian Local Security ChecksDebian Local Security ChecksDebian Local Security Checks
qualys_id236735236735236735
qualys_titleRed Hat Update for kernel (RHSA-2018:1130)Red Hat Update for kernel (RHSA-2018:1130)Red Hat Update for kernel (RHSA-2018:1130)
seealso106296 106737106296 106737106296 106737
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
0day_days131313
cvss3_nvd_basescore5.55.55.5
discoverydate15047424001504742400
company_nameAmazonAmazon
confirm_urlhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36ae3c0a36b7456432fedce38ae2f7bd3e01a563
date1505865600 (09/20/2017)1505865600 (09/20/2017)
securityfocus_date1506384000 (09/26/2017)1506384000 (09/26/2017)
securityfocus_classFailure to Handle Exceptional ConditionsFailure to Handle Exceptional Conditions
person_nameJan H. Schönherr
cvss2_nvd_basescore2.1

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!