Description
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag (TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception (#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
References (12)
Scores
CVSS v3
5.5
EPSS
0.0009
EPSS Percentile
25.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-755
CWE-250
Status
published
Products (12)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
debian/debian_linux
8.0
debian/debian_linux
9.0
linux/linux_kernel
< 4.12
redhat/enterprise_linux
7.0
redhat/enterprise_linux_desktop
7.0
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_server_aus
7.4
redhat/enterprise_linux_server_eus
7.4
... and 2 more
Published
Jul 30, 2018
Tracked Since
Feb 18, 2026