CVE-2019-3887

Sažetak

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3887
http://www.securityfocus.com/bid/107850
https://usn.ubuntu.com/3980-1/
https://usn.ubuntu.com/3979-1/
https://usn.ubuntu.com/3980-2/
https://access.redhat.com/errata/RHSA-2019:2703
https://access.redhat.com/errata/RHSA-2019:2741
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWPOIII2L73HV5PGXSGMRMKQIK47UIYE/

CVSS

Base:	4.7
Impact:	6.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

12-02-2023 - 23:38

Objavljeno

09-04-2019 - 16:29