Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2018-18021 | First vendor Publication | 2018-10-07 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | |||
|---|---|---|---|
| Overall CVSS Score | 7.1 | ||
| Base Score | 7.1 | Environmental Score | 7.1 |
| impact SubScore | 5.2 | Temporal Score | 7.1 |
| Exploitabality Sub Score | 1.8 | ||
| Attack Vector | Local | Attack Complexity | Low |
| Privileges Required | Low | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | None |
| Integrity Impact | High | Availability Impact | High |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:N/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 3.6 | Attack Range | Local |
| Cvss Impact Score | 4.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by attackers who can create virtual machines. An attacker can arbitrarily redirect the hypervisor flow of control (with full register control). An attacker can also cause a denial of service (hypervisor panic) via an illegal exception return. This occurs because of insufficient restrictions on userspace access to the core register file, and because PSTATE.M validation does not prevent unintended execution modes. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18021 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2019-01-03 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2018-ddbaca855e.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2018-f392ab8c84.nasl - Type : ACT_GATHER_INFO |
| 2018-11-09 | Name : The remote Amazon Linux 2 host is missing a security update. File : al2_ALAS-2018-1100.nasl - Type : ACT_GATHER_INFO |
| 2018-11-08 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1100.nasl - Type : ACT_GATHER_INFO |
| 2018-10-11 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2018-94315e9a6b.nasl - Type : ACT_GATHER_INFO |
| 2018-10-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4313.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2025-03-18 02:08:57 |
|
| 2024-12-12 01:58:52 |
|
| 2024-11-28 13:16:34 |
|
| 2024-11-09 01:56:05 |
|
| 2024-10-25 01:56:09 |
|
| 2024-10-23 01:55:34 |
|
| 2024-08-02 12:56:40 |
|
| 2024-08-02 01:15:54 |
|
| 2024-03-12 12:50:51 |
|
| 2024-02-02 01:54:50 |
|
| 2024-02-01 12:15:05 |
|
| 2023-12-29 01:49:05 |
|
| 2023-11-22 01:48:35 |
|
| 2023-09-05 12:52:43 |
|
| 2023-09-05 01:14:48 |
|
| 2023-09-02 12:52:11 |
|
| 2023-09-02 01:15:05 |
|
| 2023-08-12 12:55:57 |
|
| 2023-08-12 01:14:22 |
|
| 2023-08-11 12:50:00 |
|
| 2023-08-11 01:14:45 |
|
| 2023-08-06 12:48:31 |
|
| 2023-08-06 01:14:19 |
|
| 2023-08-04 12:48:45 |
|
| 2023-08-04 01:14:26 |
|
| 2023-07-14 12:48:46 |
|
| 2023-07-14 01:14:26 |
|
| 2023-06-06 12:43:17 |
|
| 2023-03-29 01:50:15 |
|
| 2023-03-28 12:14:45 |
|
| 2023-01-25 01:40:41 |
|
| 2022-10-11 12:43:40 |
|
| 2022-10-11 01:14:25 |
|
| 2022-09-09 01:39:07 |
|
| 2022-03-11 01:36:03 |
|
| 2022-02-01 01:33:53 |
|
| 2021-12-11 12:34:33 |
|
| 2021-12-11 01:32:43 |
|
| 2021-08-19 12:30:02 |
|
| 2021-05-25 12:28:29 |
|
| 2021-05-04 13:11:14 |
|
| 2021-04-22 02:25:16 |
|
| 2021-03-27 01:25:41 |
|
| 2020-12-12 12:22:30 |
|
| 2020-12-05 12:23:56 |
|
| 2020-09-25 01:21:45 |
|
| 2020-08-11 12:21:44 |
|
| 2020-08-08 01:21:36 |
|
| 2020-08-07 12:22:00 |
|
| 2020-08-07 01:22:42 |
|
| 2020-08-01 12:21:37 |
|
| 2020-07-30 01:22:21 |
|
| 2020-05-24 01:25:02 |
|
| 2020-05-23 02:13:40 |
|
| 2020-05-23 01:10:39 |
|
| 2019-04-05 00:18:58 |
|
| 2019-04-03 09:19:27 |
|
| 2018-12-18 12:08:43 |
|
| 2018-12-15 12:08:57 |
|
| 2018-11-28 00:22:55 |
|
| 2018-11-27 17:20:17 |
|
| 2018-11-15 17:19:00 |
|
| 2018-10-12 17:19:44 |
|
| 2018-10-10 17:19:42 |
|
| 2018-10-07 12:04:42 |
|
