[Forgot Password]
Login  Register Subscribe

23631

 
 

126998

 
 

101924

 
 

909

 
 

80911

 
 

121

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-15306

Date: (C)2017-11-07   (M)2018-02-09 


The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.

CVSS Score: 4.9Access Vector: LOCAL
Exploit Score: 3.9Access Complexity: LOW
Impact Score: 6.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: COMPLETE





Reference:
BID-101693
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac64115a66c18c01745bbd3c47a36b124e5fd8c0
http://openwall.com/lists/oss-security/2017/11/06/6
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11
https://github.com/torvalds/linux/commit/ac64115a66c18c01745bbd3c47a36b124e5fd8c0

CWE    1
CWE-476
OVAL    1
oval:org.secpod.oval:def:703927

© 2013 SecPod Technologies