← volver
CVE-2018-12904

CVE-2018-12904

EPSS 1.2%
In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.
Productos afectados
n/a · n/a
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/44944/no verificadoexploitdbwww.exploit-db.com/exploits/44944no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=727ba748e110b4de50d142edca9d6a9b7e6111d8https://bugs.chromium.org/p/project-zero/issues/detail?id=1589https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.2https://github.com/torvalds/linux/commit/727ba748e110b4de50d142edca9d6a9b7e6111d8https://usn.ubuntu.com/3752-1/https://usn.ubuntu.com/3752-2/https://usn.ubuntu.com/3752-3/https://www.exploit-db.com/exploits/44944/