vulnerability
Oracle Linux: CVE-2016-9588: ELSA-2017-1842: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
3 | (AV:A/AC:L/Au:S/C:N/I:N/A:P) | Dec 14, 2016 | Apr 4, 2017 | Jan 23, 2025 |
Severity
3
CVSS
(AV:A/AC:L/Au:S/C:N/I:N/A:P)
Published
Dec 14, 2016
Added
Apr 4, 2017
Modified
Jan 23, 2025
Description
arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.
Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to an uncaught exception issue. It could occur if an L2 guest was to throw an exception which is not handled by an L1 guest.
Linux kernel built with the KVM visualization support (CONFIG_KVM), with nested visualization(nVMX) feature enabled(nested=1), is vulnerable to an uncaught exception issue. It could occur if an L2 guest was to throw an exception which is not handled by an L1 guest.
Solution(s)
oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.