Required CVE Record Information
Description
The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.
References 6 Total
- https://bugzilla.redhat.com/show_bug.cgi?id=1417812
- openwall.com: [oss-security] 20170131 CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon mailing-list
- securityfocus.com: 95878 vdb-entry
- access.redhat.com: RHSA-2017:2077 vendor-advisory
- access.redhat.com: RHSA-2017:1842 vendor-advisory
- debian.org: DSA-3791 vendor-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- https://bugzilla.redhat.com/show_bug.cgi?id=1417812 x_transferred
- openwall.com: [oss-security] 20170131 CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon mailing-listx_transferred
- securityfocus.com: 95878 vdb-entryx_transferred
- access.redhat.com: RHSA-2017:2077 vendor-advisoryx_transferred
- access.redhat.com: RHSA-2017:1842 vendor-advisoryx_transferred
- debian.org: DSA-3791 vendor-advisoryx_transferred