CVE-2017-2583

CVE-2017-2583

Name

CVE-2017-2583

Description

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Issue Tracking	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3
secalert@redhat.com	http://www.debian.org/security/2017/dsa-3791
Release Notes	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
Mailing List	http://www.openwall.com/lists/oss-security/2017/01/19/2
Third Party Advisory	http://www.securityfocus.com/bid/95673
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2017:1615
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2017:1616
Issue Tracking	https://bugzilla.redhat.com/show_bug.cgi?id=1414735
Issue Tracking	https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3
secalert@redhat.com	https://usn.ubuntu.com/3754-1/

Type

URI

Issue Tracking

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3

secalert@redhat.com

http://www.debian.org/security/2017/dsa-3791

Release Notes

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5

Mailing List

http://www.openwall.com/lists/oss-security/2017/01/19/2

Third Party Advisory

http://www.securityfocus.com/bid/95673