Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.
CVSS Information
N/A
Vulnerability Type
释放后使用
Vulnerability Title
Linux kernel KVM hypervisor 安全漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。KVM hypervisor是其中的一个基于内核的虚拟机。 Linux kernel 4.14.91之前版本、4.14.91之前版本和4.19.13之前版本中KVM hypervisor对posted interrupts的处理方法存在释放后重用漏洞。攻击者可利用该漏洞造成拒绝服务(主机内核崩溃)或可能获取具有特权的系统访问权限。
CVSS Information
N/A
Vulnerability Type
N/A