CVE-2018-1087

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.

References

http://www.openwall.com/lists/oss-security/2018/05/08/5

http://www.securityfocus.com/bid/104127

http://www.securitytracker.com/id/1040862

https://access.redhat.com/errata/RHSA-2018:1318

https://access.redhat.com/errata/RHSA-2018:1345

https://access.redhat.com/errata/RHSA-2018:1347

https://access.redhat.com/errata/RHSA-2018:1348

https://access.redhat.com/errata/RHSA-2018:1355

https://access.redhat.com/errata/RHSA-2018:1524

https://access.redhat.com/security/vulnerabilities/pop_ss

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1087

https://usn.ubuntu.com/3641-1/

https://usn.ubuntu.com/3641-2/

https://www.debian.org/security/2018/dsa-4196

Details

Source: MITRE

Published: 2018-05-15

Updated: 2019-10-09

Risk Information

CVSS v2

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (46 total)

IDNameProductFamilySeverity
136910NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0028)NessusNewStart CGSL Local Security Checks
high
127222NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0044)NessusNewStart CGSL Local Security Checks
high
118252SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1173-2)NessusSuSE Local Security Checks
high
117574EulerOS Virtualization 2.5.1 : kvm (EulerOS-SA-2018-1265)NessusHuawei Local Security Checks
high
117573EulerOS Virtualization 2.5.0 : kvm (EulerOS-SA-2018-1264)NessusHuawei Local Security Checks
high
110378SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1548-1)NessusSuSE Local Security Checks
high
110376SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1545-1)NessusSuSE Local Security Checks
high
110369SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1536-1)NessusSuSE Local Security Checks
high
110367SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1534-1)NessusSuSE Local Security Checks
high
110363SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1530-1)NessusSuSE Local Security Checks
high
110358SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1524-1)NessusSuSE Local Security Checks
high
110357SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1523-1)NessusSuSE Local Security Checks
high
110356SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1522-1)NessusSuSE Local Security Checks
high
110352SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1518-1)NessusSuSE Local Security Checks
high
110350SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1516-1)NessusSuSE Local Security Checks
high
110346SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1511-1)NessusSuSE Local Security Checks
high
110345SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1510-1)NessusSuSE Local Security Checks
high
110340SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1505-1)NessusSuSE Local Security Checks
high
110245CentOS 7 : kernel (CESA-2018:1318)NessusCentOS Local Security Checks
high
110234Virtuozzo 7 : anaconda / anaconda-core / anaconda-dracut / etc (VZA-2018-037)NessusVirtuozzo Local Security Checks
high
110197Amazon Linux AMI : kernel (ALAS-2018-1023)NessusAmazon Linux Local Security Checks
high
110196Amazon Linux 2 : kernel (ALAS-2018-1023)NessusAmazon Linux Local Security Checks
high
110157Virtuozzo 6 : cpupools / cpupools-features / etc (VZA-2018-034)NessusVirtuozzo Local Security Checks
high
110113RHEL 6 / 7 : Virtualization (RHSA-2018:1711) (Spectre)NessusRed Hat Local Security Checks
high
110112RHEL 7 : Virtualization (RHSA-2018:1710) (Spectre)NessusRed Hat Local Security Checks
high
109922Virtuozzo 7 : readykernel-patch (VZA-2018-030)NessusVirtuozzo Local Security Checks
medium
109909RHEL 7 : Virtualization (RHSA-2018:1524)NessusRed Hat Local Security Checks
high
109813EulerOS 2.0 SP3 : kernel (EulerOS-SA-2018-1121)NessusHuawei Local Security Checks
high
109758SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1221-1)NessusSuSE Local Security Checks
high
109757SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1220-1)NessusSuSE Local Security Checks
high
109667OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0040)NessusOracleVM Local Security Checks
high
109665Oracle Linux 7 : kernel (ELSA-2018-1318)NessusOracle Linux Local Security Checks
high
109658Debian DSA-4196-1 : linux - security updateNessusDebian Local Security Checks
high
109650Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : linux, linux-aws, linux-azure, linux-euclid, linux-gcp, linux-hwe, (USN-3641-1)NessusUbuntu Local Security Checks
high
109647SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1173-1)NessusSuSE Local Security Checks
high
109646SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1172-1)NessusSuSE Local Security Checks
high
109645SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1171-1)NessusSuSE Local Security Checks
high
109644Scientific Linux Security Update : kernel on SL7.x x86_64 (20180508)NessusScientific Linux Local Security Checks
high
109642RHEL 7 : kernel-rt (RHSA-2018:1355)NessusRed Hat Local Security Checks
high
109638RHEL 7 : kernel (RHSA-2018:1348)NessusRed Hat Local Security Checks
high
109637RHEL 7 : kernel (RHSA-2018:1347)NessusRed Hat Local Security Checks
high
109635RHEL 7 : kernel (RHSA-2018:1345)NessusRed Hat Local Security Checks
high
109633RHEL 7 : kernel (RHSA-2018:1318)NessusRed Hat Local Security Checks
high
109630Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4096)NessusOracle Linux Local Security Checks
high
109620EulerOS 2.0 SP2 : kernel (EulerOS-SA-2018-1120)NessusHuawei Local Security Checks
high
109619EulerOS 2.0 SP1 : kernel (EulerOS-SA-2018-1119)NessusHuawei Local Security Checks
high