CVE-2017-2584 : arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to o

arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.

Published 2017-01-15 02:59:03

Updated 2018-08-24 10:29:02

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of serviceInformation leak

Products affected by CVE-2017-2584

Linux » Linux Kernel
Versions up to, including, (<=) 4.9.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-2584

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 25 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-2584

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.6	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:P	3.9	4.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: Partial
7.1	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H	1.8	5.2	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: High

CWE ids for CVE-2017-2584

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-2584

http://www.debian.org/security/2017/dsa-3791

Debian -- Security Information -- DSA-3791-1 linux

CVEs referencing this url
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=129a72a0d3c8e139a04512325384fe5ac119e74d

kernel/git/torvalds/linux.git - Linux kernel source tree
https://usn.ubuntu.com/3754-1/

USN-3754-1: Linux kernel vulnerabilities | Ubuntu security notices

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2017/01/13/7

oss-security - CVE-2017-2584 Kernel: kvm: use after free in complete_emulated_mmio
https://bugzilla.redhat.com/show_bug.cgi?id=1413001

1413001 – (CVE-2017-2584) CVE-2017-2584 Kernel: kvm: use after free in complete_emulated_mmio
http://www.securitytracker.com/id/1037603

Linux Kernel Use-After-Free Memory Error in complete_emulated_mmio() Lets Local Users on a Guest System Cause Denial of Service Conditions on the Host System - SecurityTracker
https://github.com/torvalds/linux/commit/129a72a0d3c8e139a04512325384fe5ac119e74d

KVM: x86: Introduce segmented_write_std · torvalds/linux@129a72a · GitHub
http://www.securityfocus.com/bid/95430

Linux Kernel CVE-2017-2584 Denial of Service Vulnerability

Jump to

Vulnerability Details : CVE-2017-2584

Products affected by CVE-2017-2584

Exploit prediction scoring system (EPSS) score for CVE-2017-2584

CVSS scores for CVE-2017-2584

CWE ids for CVE-2017-2584

References for CVE-2017-2584