#VU12520 Improper check or handling of exceptional conditions in Linux kernel - CVE-2018-1087
Published: May 10, 2018
Vulnerability identifier: #VU12520
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-1087
CWE-ID: CWE-703
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows an adjacent attacker to cause DoS condition or gain elevated privileges on the target system.
The weakness exists in the Linux kernel KVM hypervisor due to improper handling of debug exceptions delivered after a stack switch operation via mov SS or pop SS instructions. During the stack switch operation, the exceptions are deferred. An adjacent attacker can cause the service to crash or gain root privileges.
The weakness exists in the Linux kernel KVM hypervisor due to improper handling of debug exceptions delivered after a stack switch operation via mov SS or pop SS instructions. During the stack switch operation, the exceptions are deferred. An adjacent attacker can cause the service to crash or gain root privileges.
Remediation
Update to version 4.16-rc7.