Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:12771
HistoryJan 15, 2019 - 9:21 a.m.

Arbitrary Code Execution

2019-01-1509:21:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

EPSS

0.001

Percentile

26.7%

kernel-rt is vulnerable to arbitrary code execution attacks. The vulnerability exists as arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash).