CVE-2018-10853

Priority
Description
A flaw was found in the way Linux kernel KVM hypervisor before 4.18
emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check
current privilege(CPL) level while emulating unprivileged instructions. An
unprivileged guest user/process could use this flaw to potentially escalate
privileges inside guest.
Ubuntu-Description
Andy Lutomirski and Mika Penttilä discovered that the KVM implementation in
the Linux kernel did not properly check privilege levels when emulating
some instructions. An unprivileged attacker in a guest VM could use this to
escalate privileges within the guest.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-133.159)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-36.39)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.17.0-6.7)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-10.11)
Patches:
Introduced by 129a72a0d3c8e139a04512325384fe5ac119e74dFixed by 3c9fa24ca7c9c47605672916491f79e8ccacb9e6
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.0-1027.30)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1065.75)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1023.23)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.18.0-1002.3)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.15.0-1030.31~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1025.26~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1025.26)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.18.0-1003.3)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1025.26)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-1004.4~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1021.22~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1021.22)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.18.0-1002.3)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-36.39~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-36.39~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-11.12~18.04.1)
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
linux-krillin:ignored (was needs-triage now end-of-life)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1031.37)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1023.23)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.18.0-1002.2)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (4.4.0-133.159~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored (abandoned)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1021.24)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.15.0-1021.24)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1021.24)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1094.102)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1024.26)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (4.18.0-1004.6)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1005.7)
Package
Upstream:released (4.18~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1098.103)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
linux-vegetahd:ignored (was needs-triage now end-of-life)
More Information

Updated: 2018-11-15 20:14:43 UTC (commit d9543589c6e92d8da69d7a494cca67004591e2ed)