Privilege Escalation

2020-04-1000:56:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.7 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

JSON

kernel is vulnerable to privilege escalation. The vulnerability exists as a flaw was found in the way the Xen hypervisor implementation checked for the upper boundary when getting a new event channel port. A privileged guest user could use this flaw to cause a denial of service or escalate their privileges.

CPENameOperatorVersion
kerneleq2.6.18__8.1.14.el5
kerneleq2.6.18__92.1.17.el5
kerneleq2.6.18__128.1.14.el5
kerneleq2.6.18__128.29.1.el5
kerneleq2.6.18__164.el5
kerneleq2.6.18__92.1.22.el5
kerneleq2.6.18__164.10.1.el5
kerneleq2.6.18__8.1.8.el5
kerneleq2.6.18__53.1.4.el5
kerneleq2.6.18__164.6.1.el5

Name	Operator	Version
kernel	eq	2.6.18__8.1.14.el5
kernel	eq	2.6.18__92.1.17.el5
kernel	eq	2.6.18__128.1.14.el5
kernel	eq	2.6.18__128.29.1.el5
kernel	eq	2.6.18__164.el5
kernel	eq	2.6.18__92.1.22.el5
kernel	eq	2.6.18__164.10.1.el5
kernel	eq	2.6.18__8.1.8.el5
kernel	eq	2.6.18__53.1.4.el5
kernel	eq	2.6.18__164.6.1.el5