vulnerability
Ubuntu: (Multiple Advisories) (CVE-2017-12154): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:P/I:P/A:N) | Sep 20, 2017 | Oct 31, 2017 | Mar 27, 2026 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:N)
Published
Sep 20, 2017
Added
Oct 31, 2017
Modified
Mar 27, 2026
Description
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.
Solutions
ubuntu-upgrade-linux-image-3-13-0-153-genericubuntu-upgrade-linux-image-3-13-0-153-generic-lpaeubuntu-upgrade-linux-image-3-13-0-153-lowlatencyubuntu-upgrade-linux-image-3-13-0-153-powerpc-e500ubuntu-upgrade-linux-image-3-13-0-153-powerpc-e500mcubuntu-upgrade-linux-image-3-13-0-153-powerpc-smpubuntu-upgrade-linux-image-3-13-0-153-powerpc64-embubuntu-upgrade-linux-image-3-13-0-153-powerpc64-smpubuntu-upgrade-linux-image-4-13-0-1006-raspi2ubuntu-upgrade-linux-image-4-13-0-17-genericubuntu-upgrade-linux-image-4-13-0-17-generic-lpaeubuntu-upgrade-linux-image-4-13-0-17-lowlatencyubuntu-upgrade-linux-image-4-4-0-1009-kvmubuntu-upgrade-linux-image-4-4-0-1033-gkeubuntu-upgrade-linux-image-4-4-0-1039-awsubuntu-upgrade-linux-image-4-4-0-1076-raspi2ubuntu-upgrade-linux-image-4-4-0-1078-snapdragonubuntu-upgrade-linux-image-4-4-0-98-genericubuntu-upgrade-linux-image-4-4-0-98-generic-lpaeubuntu-upgrade-linux-image-4-4-0-98-lowlatencyubuntu-upgrade-linux-image-4-4-0-98-powerpc-e500mcubuntu-upgrade-linux-image-4-4-0-98-powerpc-smpubuntu-upgrade-linux-image-4-4-0-98-powerpc64-embubuntu-upgrade-linux-image-4-4-0-98-powerpc64-smpubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-lts-trustyubuntu-upgrade-linux-image-generic-lpae-lts-xenialubuntu-upgrade-linux-image-generic-lts-trustyubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-powerpc-e500ubuntu-upgrade-linux-image-powerpc-e500mcubuntu-upgrade-linux-image-powerpc-e500mc-lts-xenialubuntu-upgrade-linux-image-powerpc-smpubuntu-upgrade-linux-image-powerpc-smp-lts-xenialubuntu-upgrade-linux-image-powerpc64-embubuntu-upgrade-linux-image-powerpc64-emb-lts-xenialubuntu-upgrade-linux-image-powerpc64-smpubuntu-upgrade-linux-image-powerpc64-smp-lts-xenialubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.