ALAS-2019-1293 --- kernel perfID: oval:org.secpod.oval:def:1601056 | Date: (C)2019-10-01 (M)2024-04-17 |
Class: PATCH | Family: unix |
An out-of-bounds access issue was found in the way Linux kernel#039;s KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer #039;struct kvm_coalesced_mmio#039; object, wherein write indices #039;ring-gt;first#039; and #039;ring-gt;last#039; value could be supplied by a host user-space process. An unprivileged host user or process with access to #039;/dev/kvm#039; device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system
Platform: |
Amazon Linux AMI |