Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.
CVSS Information
N/A
Vulnerability Type
带着不必要的权限执行
Vulnerability Title
Linux kernel KVM 安全漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。KVM是其中的一个基于内核的虚拟机。 Linux kernel中的KVM 4.18之前版本存在安全漏洞,该漏洞源于程序没有检测CPL(当前执行任务或程序的特权级)。攻击者可利用该漏洞提升权限。
CVSS Information
N/A
Vulnerability Type
N/A