Lucene search

K

Redhat.comRH:CVE-2017-2596

HistoryJan 31, 2017 - 7:47 a.m.

CVE-2017-2596

2017-01-3107:47:49

redhat.com

access.redhat.com

11

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to host memory leakage issue. It could occur while emulating VMXON instruction in ‘handle_vmon’. An L1 guest user could use this flaw to leak host memory potentially resulting in DoS.

References

bugzilla.redhat.com/show_bug.cgi?id=1417812

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

Related for RH:CVE-2017-2596

openvas14 debiancve1 cve1 fedora2 veracode1 nessus21 ubuntucve1 prion1 ubuntu4 suse4 debian2 osv1 cloudfoundry1 oraclelinux3 ibm2 redhat2 centos1