CVEs-PoC/2018/CVE-2018-10901.md
2024-06-09 00:33:16 +00:00

CVE-2018-10901

Description

A flaw was found in the Linux kernel's KVM virtualization subsystem. The VMX code does not restore GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit, host userspace code is able to place malicious entries in the GDT, particularly in the per-cpu variables. An attacker can use this to escalate their privileges.

POC

Reference

Github

No PoCs found on GitHub currently.