CVE-2018-10901: A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to…

CVE-2018-10901 [HIGH] GHSA-8j5h-gvcc-pfhw: A flaw was found in Linux kernel's KVM virtualization subsystem A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901 [HIGH] CVE-2018-10901: A flaw was found in Linux kernel's KVM virtualization subsystem A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

CVE-2018-10901 [HIGH] CVE-2018-10901: linux - A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code do... A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2018-10901 [HIGH] CWE-665 kernel: kvm: vmx: host GDT limit corruption kernel: kvm: vmx: host GDT limit corruption A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. Package: kernel (Red Ha

CVE-2018-10901 [HIGH] CVE-2018-10901 kernel: kvm: vmx: host GDT limit corruption CVE-2018-10901 kernel: kvm: vmx: host GDT limit corruption A flaw was found in Linux kernel in the KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. This can lead to a privilege escalation. An upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3444d7da1839b851eefedd372978d8a982316c36 Discussion: Notes: Only Red Hat Enterprise Linux 6 is vulnerable to a possible privilege escalation due to this flaw. Other Red Hat products are not vulnerable to this flaw. --- Acknowledgments: Name: Vegard Nossum (Oracle Corporation) -