Vulnerability identifier: #VU14495
Vulnerability risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows an adjacent attacker to conduct Spectre version 2 (Spectre-v2) attacks.
The vulnerability exists in the arch/x86/kernel/paravirt.c source code file due to improper handling of indirect calls to CALLEE_SAVE paravirtual functions. A remote attacker can access the system and execute an application that submits malicious input to access sensitive information, which could be used to conduct additional attacks.
Mitigation
Update to version 4.18.1.
Vulnerable software versions
Linux kernel: 4.17 - 4.17.18, 4.16 - 4.16.18, 4.4.150 - 4.4.151, 4.15.0 - 4.15.18
External links
http://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.1
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.