CVE 2017-7518
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
Related bugs and status
CVE-2017-7518 (Candidate) is related to these bugs:
Bug #1774181: Update to upstream's implementation of Spectre v1 mitigation
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu) | Undecided | Invalid | ||
1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu Precise) | Undecided | Fix Released | ||
1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
1774181 | Update to upstream's implementation of Spectre v1 mitigation | linux (Ubuntu Xenial) | Undecided | Fix Released |
Bug #1775137: Prevent speculation on user controlled pointer
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu) | Undecided | Invalid | ||
1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu Precise) | Undecided | Fix Released | ||
1775137 | Prevent speculation on user controlled pointer | linux (Ubuntu Trusty) | Undecided | Fix Released |
Bug #1777029: fscache: Fix hanging wait on page discarded by writeback
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu) | High | Confirmed | ||
1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Bionic) | High | Fix Released | ||
1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Trusty) | High | Fix Released | ||
1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Artful) | High | Won't Fix | ||
1777029 | fscache: Fix hanging wait on page discarded by writeback | linux (Ubuntu Xenial) | High | Fix Released |
Bug #1779923: other users' coredumps can be read via setgid directory and killpriv bypass
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu) | Medium | Fix Released | ||
1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Trusty) | Medium | Fix Released | ||
1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Cosmic) | Medium | Won't Fix | ||
1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Bionic) | Medium | Fix Released | ||
1779923 | other users' coredumps can be read via setgid directory and killpriv bypass | linux (Ubuntu Xenial) | Medium | Fix Released |
Bug #1787982: linux: 3.13.0-157.207 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1787982 | linux: 3.13.0-157.207 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1787982 | linux: 3.13.0-157.207 -proposed tracker | linux (Ubuntu Trusty) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.