CVE-2018-10853
published 2018-09-11CVE-2018-10853: A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current…
high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 4.16.16-1 (bookworm) | linux 4.16.16-1 (bookworm) |
| linux | kernel | — | — |
| linux | linux_kernel | < 4.18 | 4.18 |
| linux | linux_kernel | >= 0 < 4.16.16-1 | 4.16.16-1 |
| linux | linux_kernel | >= 0 < 4.16.16-1 | 4.16.16-1 |
| linux | linux_kernel | >= 0 < 4.16.16-1 | 4.16.16-1 |
| linux | linux_kernel | >= 0 < 4.16.16-1 | 4.16.16-1 |
| linux | linux_kernel | >= 0 < 4.15.0-36.39 | 4.15.0-36.39 |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH