ALAS2-2019-1293 --- kernel perf python-perfID: oval:org.secpod.oval:def:1700217 | Date: (C)2019-10-07 (M)2024-04-17 |
Class: PATCH | Family: unix |
An out-of-bounds access issue was found in the way Linux kernels KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer struct kvm_coalesced_mmio object, wherein write indices ring-gt;first and ring-gt;last value could be supplied by a host user-space process. An unprivileged host user or process with access to /dev/kvm device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
Product: |
kernel |
perf |
python-perf |