Veracode Vulnerability DatabaseVERACODE:13000Privilege Escalation
0.001 Low
EPSS
Percentile
26.9%
Linux kernel is vulnerable to privilege escalation. The VMX code sets the GDT.LIMIT to 64 KB and does not restore it to the previous host value. This allows an attacker is able to escalate their privileges by placing malicious entries to the per-cpu variables in the GDT with a corrupted GDT limit.
References
www.securityfocus.com/bid/104905
access.redhat.com/errata/RHSA-2018:2390
access.redhat.com/errata/RHSA-2018:2391
access.redhat.com/errata/RHSA-2018:2392
access.redhat.com/errata/RHSA-2018:2393
access.redhat.com/errata/RHSA-2018:2394
access.redhat.com/security/updates/classification/#important
access.redhat.com/security/vulnerabilities/L1TF
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10901
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3444d7da1839b851eefedd372978d8a982316c36
help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Related
