CVE-2017-7518

MEDIUM

Linux kernel <4.12 - Privilege Escalation

Title source: llm
STIX 2.1

Description

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.

References (12)

Core 12
Core References
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:0412
Permissions Required, Third Party Advisory x_refsource_confirm
https://access.redhat.com/articles/3290921
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3619-2/
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:0395
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3754-1/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038782
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2017/06/23/5
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3619-1/
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2017/dsa-3981
Mailing List, Patch mailing-list x_refsource_mlist
https://www.spinics.net/lists/kvm/msg151817.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99263

Scores

CVSS v3 5.5
EPSS 0.0070
EPSS Percentile 48.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-755 CWE-250
Status published
Products (12)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
debian/debian_linux 8.0
debian/debian_linux 9.0
linux/linux_kernel < 4.12
redhat/enterprise_linux 7.0
redhat/enterprise_linux_desktop 7.0
redhat/enterprise_linux_server 7.0
redhat/enterprise_linux_server_aus 7.4
redhat/enterprise_linux_server_eus 7.4
... and 2 more
Published Jul 30, 2018
Tracked Since Feb 18, 2026