CVE-2017-12154 (retired)

Priority
Description
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel
through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store
exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR
shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read
and write access to the hardware CR8 register.
Ubuntu-Description
It was discovered that the nested KVM implementation in the Linux kernel in
some situations did not properly prevent second level guests from reading
and writing the hardware CR8 register. A local attacker in a guest could
use this to cause a denial of service (system crash).
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-98.121)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-17.20)
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
51aa68e7d57e3217192d88ce90fd5b8ef29ec94f
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1039.48)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-1005.7)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-1002.5)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1033.33)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-26.29~16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.13.0-26.29~16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.18.0-8.9~18.04.1)
Product
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1009.14)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-153.203~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.3)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1076.84)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-1006.6)
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1078.83)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Package
Upstream:released (4.14~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Product
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-10-09 07:58:44 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)