4 matches found
CVE-2017-1000252
CVE-2017-1000252 : The Linux kernel KVM subsystem (arch/x86/kvm/vmx.c and virt/kvm/eventfd.c) is vulnerable to a denial of service caused by an out-of-bounds guest_irq value. The issue allows a local guest OS user to trigger an assertion failure, leading to a hypervisor hang or crash. The descrip...
CVE-2017-12153
CVE-2017-12153 refers to a security flaw in the Linux kernel where nl80211_set_rekey_data() in net/wireless/nl80211.c does not validate required Netlink attributes, enabling a local attacker with CAP_NET_ADMIN to trigger a NULL pointer dereference and system crash. The vulnerability is described ...
CVE-2017-12154
The CVE-2017-12154 entry describes a Linux kernel KVM/vmx issue (arch/x86/kvm/vmx.c: prepare_vmcs02) present through kernel 4.13.3. Root cause: it does not ensure that the CR8-load exiting and CR8-store exiting vmcs02 controls exist when L1 omits the use_TPR_shadow VMCS12 control, enabling a KVM ...
CVE-2017-14991
Consolidated details from connected advisories show CVE-2017-14991 affects the Linux kernel sg_ioctl path (drivers/scsi/sg.c) with vulnerable code in sg_get_request_table handling for /dev/sg0. The flaw exists in kernels before 4.13.4, allowing local attackers to read uninitialized kernel heap me...