Executive Summary

Informations
Name CVE-2018-16882 First vendor Publication 2019-01-03
Vendor Cve Last vendor Modification 2023-01-19

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Overall CVSS Score 8.8
Base Score 8.8 Environmental Score 8.8
impact SubScore 6 Temporal Score 8.8
Exploitabality Sub Score 2
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Changed Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16882

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-416 Use After Free

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Os 4
Os 3197

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/106254
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16882
https://lwn.net/Articles/775720/
https://lwn.net/Articles/775721/
https://support.f5.com/csp/article/K80557033
MISC https://marc.info/?l=kvm&m=154514994222809&w=2
UBUNTU https://usn.ubuntu.com/3871-1/
https://usn.ubuntu.com/3871-3/
https://usn.ubuntu.com/3871-4/
https://usn.ubuntu.com/3871-5/
https://usn.ubuntu.com/3872-1/
https://usn.ubuntu.com/3878-1/
https://usn.ubuntu.com/3878-2/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
Date Informations
2024-03-12 12:50:22
  • Multiple Updates
2024-02-02 01:54:20
  • Multiple Updates
2024-02-01 12:14:58
  • Multiple Updates
2023-12-29 01:48:37
  • Multiple Updates
2023-11-22 01:48:08
  • Multiple Updates
2023-09-05 12:52:09
  • Multiple Updates
2023-09-05 01:14:41
  • Multiple Updates
2023-09-02 12:51:43
  • Multiple Updates
2023-09-02 01:14:59
  • Multiple Updates
2023-08-12 12:55:29
  • Multiple Updates
2023-08-12 01:14:16
  • Multiple Updates
2023-08-11 12:49:33
  • Multiple Updates
2023-08-11 01:14:38
  • Multiple Updates
2023-08-06 12:48:04
  • Multiple Updates
2023-08-06 01:14:13
  • Multiple Updates
2023-08-04 12:48:18
  • Multiple Updates
2023-08-04 01:14:19
  • Multiple Updates
2023-07-14 12:48:20
  • Multiple Updates
2023-07-14 01:14:19
  • Multiple Updates
2023-06-06 12:42:52
  • Multiple Updates
2023-03-29 01:49:49
  • Multiple Updates
2023-03-28 12:14:39
  • Multiple Updates
2023-01-25 00:27:46
  • Multiple Updates
2023-01-19 21:27:42
  • Multiple Updates
2022-10-11 12:43:17
  • Multiple Updates
2022-10-11 01:14:19
  • Multiple Updates
2022-09-09 01:38:45
  • Multiple Updates
2022-03-11 01:35:43
  • Multiple Updates
2022-02-01 01:33:34
  • Multiple Updates
2021-12-11 12:34:13
  • Multiple Updates
2021-12-11 01:32:24
  • Multiple Updates
2021-08-19 12:29:45
  • Multiple Updates
2021-05-25 12:28:13
  • Multiple Updates
2021-05-04 13:11:58
  • Multiple Updates
2021-04-22 02:27:10
  • Multiple Updates
2021-03-27 01:25:26
  • Multiple Updates
2020-12-12 12:22:17
  • Multiple Updates
2020-12-05 12:23:42
  • Multiple Updates
2020-09-25 01:21:32
  • Multiple Updates
2020-08-11 12:21:32
  • Multiple Updates
2020-08-08 01:21:24
  • Multiple Updates
2020-08-07 12:21:48
  • Multiple Updates
2020-08-07 01:22:30
  • Multiple Updates
2020-08-01 12:21:25
  • Multiple Updates
2020-07-30 01:22:09
  • Multiple Updates
2020-05-24 01:24:49
  • Multiple Updates
2020-05-23 02:12:55
  • Multiple Updates
2020-05-23 01:09:35
  • Multiple Updates
2019-10-10 05:20:29
  • Multiple Updates
2019-04-23 21:19:15
  • Multiple Updates
2019-04-23 17:19:01
  • Multiple Updates
2019-04-22 21:19:16
  • Multiple Updates
2019-03-05 21:19:19
  • Multiple Updates
2019-02-05 17:19:26
  • Multiple Updates
2019-01-30 21:18:43
  • Multiple Updates
2019-01-30 00:18:41
  • Multiple Updates
2019-01-04 17:19:57
  • Multiple Updates
2019-01-03 21:18:54
  • First insertion