The vulnerability of the virtualization subsystem in Linux kernel-based virtual machines allows attackers to increase their privileges.

The vulnerability of the KVM virtualization subsystem in the Linux operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

kernel: kvm: vmx: host GDT limit corruption

A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cp...

UBUNTU-CVE-2018-10901

A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cp...

PT-2014-5417 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 3.17.2 Description: The WRMSR processing functionality in the KVM subsystem does not properly handle the writing of a non-canonical address to a model-specific register. This allows guest OS users to cause a deni...

PT-2014-5434 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12 Description: The issue is related to the KVM subsystem in the Linux kernel, specifically in the arch/x86/kvm/vmx.c file. It does not have an exit handler for the INVEPT instruction, which allows guest OS...