Все бюллетени/sisyphus/ALT-PU-2017-2379-1
ALT-PU-2017-2379-1

Обновление пакета kernel-image-std-pae в ветке sisyphus

Версия4.4.90-alt1
Задание#190302
Опубликовано2017-10-05
Макс. серьёзностьHIGH
Серьёзность:

Закрытые проблемы (3)

CVE-2017-1000252
MEDIUM5.5

The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.

Опубликовано: 2017-09-26Изменено: 2025-04-20
CVSS 2.0НИЗКАЯ 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-12153
MEDIUM4.4

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

Опубликовано: 2017-09-21Изменено: 2025-04-20
CVSS 2.0СРЕДНЯЯ 4.9
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS 3.xСРЕДНЯЯ 4.4
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Ссылки
CVE-2017-12154
HIGH7.1

The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.

Опубликовано: 2017-09-26Изменено: 2025-04-20
CVSS 2.0НИЗКАЯ 3.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:N
CVSS 3.xВЫСОКАЯ 7.1
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Ссылки