Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2017-15306): Linux kernel (GCP) vulnerabilities

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

Ubuntu: (Multiple Advisories) (CVE-2017-15306): Linux kernel (GCP) vulnerabilities

Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
11/06/2017
Created
07/25/2018
Added
12/08/2017
Modified
08/25/2021

Description

The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.

Solution(s)

  • ubuntu-upgrade-linux-image-4-13-0-1002-gcp
  • ubuntu-upgrade-linux-image-4-13-0-1008-raspi2
  • ubuntu-upgrade-linux-image-4-13-0-19-generic
  • ubuntu-upgrade-linux-image-4-13-0-19-generic-lpae
  • ubuntu-upgrade-linux-image-4-13-0-19-lowlatency
  • ubuntu-upgrade-linux-image-gcp
  • ubuntu-upgrade-linux-image-generic
  • ubuntu-upgrade-linux-image-generic-lpae
  • ubuntu-upgrade-linux-image-gke
  • ubuntu-upgrade-linux-image-lowlatency
  • ubuntu-upgrade-linux-image-raspi2

References

  • USN-3485-1
  • USN-3485-2
  • USN-3485-3
  • USN-3507-1
  • USN-3507-2
  • USN-3508-1
  • USN-3508-2
  • USN-3509-1
  • USN-3509-2
  • USN-3510-1
  • USN-3510-2
  • USN-3511-1
  • USN-3698-1
  • USN-3698-2
  • USN-3798-1
  • USN-3798-2
  • 101693
  • CVE-2017-15306
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;