CVE-2018-10901

HIGH

Linux kernel - Privilege Escalation

Title source: llm
STIX 2.1

Description

A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges.

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104905
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2393
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2390
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2391
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2392
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2394
Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujul2020.html
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10901

Scores

CVSS v3 7.8
EPSS 0.0052
EPSS Percentile 39.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-665
Status published
Products (7)
linux/linux_kernel < 2.6.36
redhat/enterprise_linux_desktop 6.0
redhat/enterprise_linux_server 6.0
redhat/enterprise_linux_server_aus 6.4
redhat/enterprise_linux_server_aus 6.5
redhat/enterprise_linux_server_aus 6.6
redhat/enterprise_linux_workstation 6.0
Published Jul 26, 2018
Tracked Since Feb 18, 2026