CVE-2018-18021

2018-10-0700:00:00

ubuntu.com

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

0.001 Low

EPSS

Percentile

27.0%

JSON

arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the
arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by
attackers who can create virtual machines. An attacker can arbitrarily
redirect the hypervisor flow of control (with full register control). An
attacker can also cause a denial of service (hypervisor panic) via an
illegal exception return. This occurs because of insufficient restrictions
on userspace access to the core register file, and because PSTATE.M
validation does not prevent unintended execution modes.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-47.50UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-139.165UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1035.37~16.04.1UNKNOWN
ubuntu16.04noarchlinux-hwe< 4.15.0-47.50~16.04.1UNKNOWN
ubuntu16.04noarchlinux-hwe-edge< 4.15.0-47.50~16.04.1UNKNOWN
ubuntu14.04noarchlinux-lts-xenial< 4.4.0-139.165~14.04.1UNKNOWN
ubuntu18.04noarchlinux-oracle< 4.15.0-1010.12UNKNOWN
ubuntu16.04noarchlinux-oracle< 4.15.0-1010.12~16.04.1UNKNOWN
ubuntu18.04noarchlinux-raspi2< 4.15.0-1033.35UNKNOWN
ubuntu16.04noarchlinux-raspi2< 4.4.0-1100.108UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-47.50	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-139.165	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< 4.15.0-1035.37~16.04.1	UNKNOWN
ubuntu	16.04	noarch	linux-hwe	< 4.15.0-47.50~16.04.1	UNKNOWN
ubuntu	16.04	noarch	linux-hwe-edge	< 4.15.0-47.50~16.04.1	UNKNOWN
ubuntu	14.04	noarch	linux-lts-xenial	< 4.4.0-139.165~14.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-oracle	< 4.15.0-1010.12	UNKNOWN
ubuntu	16.04	noarch	linux-oracle	< 4.15.0-1010.12~16.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-raspi2	< 4.15.0-1033.35	UNKNOWN
ubuntu	16.04	noarch	linux-raspi2	< 4.4.0-1100.108	UNKNOWN