Main Vulnerability Database Vulnerabilities #VU14178

Privilege escalation in Linux kernel - CVE-2018-10901

Published: August 2, 2018

Vulnerability identifier: #VU14178

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: CVE-2018-10901

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability existsin the Kernel-based Virtual Machine (KVM) virtualization subsystem due to the vmx.c source code file of the affected software fails to set the GDT.LIMIT value to the previous host value and instead sets it to 64 KB. A local attacker can place malicious entries in the Global Descriptor Table (GDT), submit a specially crafted request that submits malicious input and gain elevated privileges on the system.

How to mitigate CVE-2018-10901

Install update from vendor's website.

Sources

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3444d7da1839b851eefedd372978d8a982316c36

Privilege escalation in Linux kernel - CVE-2018-10901

Detailed vulnerability description

How to mitigate CVE-2018-10901

Sources

Please verify you're human