- CVEs with nessus.description==This update for the Linux Kernel 4.4.120-92_70 fixes several issues. The following security issues were fixed:

  - CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).

  - CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).

  - bsc#1083125: Fixed kgraft: small race in reversion code

  - CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869) before

  Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues
| Max CVSS | 0 |
| Min CVSS | 0 |
| Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |