Linux Kernel CVE-2017-7518 Privilege Escalation Vulnerability
by CIRT Team
Description: A flaw was found in the way the Linux KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest.
Impact: An attacker can leverage this issue to gain elevated privileges and perform unauthorized actions which may aid in launching further attacks.
Mitigation: Updates are available. Please see the references or vendor advisory for more information.
Reference URL’s:
- https://www.securityfocus.com/bid/99263/info
- https://bugzilla.redhat.com/show_bug.cgi?id=1464473
- http://seclists.org/oss-sec/2017/q2/574
- https://www.oracle.com/technetwork/topics/security/linuxbulletinapr2018-4431087.html
- https://www.suse.com/security/cve/CVE-2017-7518/
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
