CVE-2018-10853

CWE-250CWE-269Improper Privilege Management11 documents9 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux Linux KernelLinux KernelCanonical Ubuntu Linux+1 more
Timeline
PublishedSep 11
Latest updateMay 13

Description

A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

NVDlinux/linux_kernel< 4.18
CVEListV5linux/kernel4.18
Debianlinux< 4.16.16-1+3

Also affects: Debian Linux 8.0, Ubuntu Linux 16.04, 18.04

Patches

Patch: bugzilla.redhat.comPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

4
GHSA
GHSA-vhcx-55j8-pv9c: A flaw was found in the way Linux kernel KVM hypervisor before 42022-05-13
OSV
CVE-2018-10853: A flaw was found in the way Linux kernel KVM hypervisor before 42018-09-11
CVEList
CVE-2018-10853: A flaw was found in the way Linux kernel KVM hypervisor before 42018-09-11
Kernel
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access2018-06-06

📋Vendor Advisories

4
Ubuntu
Linux kernel (HWE) vulnerabilities2018-10-01
Ubuntu
Linux kernel vulnerabilities2018-10-01
Red Hat
kernel: kvm: guest userspace to guest kernel write2018-06-05
Debian
CVE-2018-10853: linux - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated ins...2018

💬Community

2
Bugzilla
CVE-2018-10853 kernel: kvm: guest userspace to guest kernel write2018-06-11
Bugzilla
CVE-2018-10853 kernel: kvm: guest userspace to guest kernel write [fedora-all]2018-06-11
CVE-2018-10853 (HIGH CVSS 7.8) | A flaw was found in the way Linux k | cvebase.io