Launchpad CVE tracker

CVE 2017-8106

The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.

Related bugs and status

CVE-2017-8106 (Candidate) is related to these bugs:

Bug #1678676: linux_3.13.0-*.*: nVMX: Check current_vmcs12 before accessing in handle_invept()

Summary				In	Importance	Status
	1678676	linux_3.13.0-.: nVMX: Check current_vmcs12 before accessing in handle_invept()		linux (Ubuntu)	High	Invalid
	1678676	linux_3.13.0-.: nVMX: Check current_vmcs12 before accessing in handle_invept()		linux (Ubuntu Trusty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.kerne...
MISC: https://launchpad.net/...

Launchpad.net

CVE 2017-8106

Related bugs and status

Related bugs

References