Advisory ID: KYLIN-2019-6974
Severity: Important
Product: Kylin V3
Release date: 2019-02-07
CVE: CVE-2019-6974
CVSS3 score: 7.8
Overview:
This issue does not affect the version of the kernel package shipped with Kylin Enterprise Linux 5 and 6 or with Kylin Enterprise MRG 2. It does affect the versions of the Linux kernel shipped with Kylin Enterprise Linux 7; future kernel updates for Kylin Enterprise Linux 7 may address this issue.
Description:
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. The flaw lies in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object; this reference is later transferred to the caller's file descriptor table. If that file descriptor is closed, the reference count of the VM object could drop to zero, potentially leading to a use-after-free. A user or process could use this flaw to crash the guest VM, resulting in a denial of service, or, potentially, to gain privileged access to the system.
Affected versions and packages:
System version   Affected package
KYLIN 3.3.x      kernel-alt
KYLIN 3.0.x      kernel
KYLIN 3.2.x      kernel
KYLIN 3.3.x      kernel-rt
KYLIN 3.3.x      kernel
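The following is an added example, not code from this advisory or from the Linux kernel: a userspace C model of the reference transfer the description outlines, with the vulnerable ordering (device fd installed before the VM reference is taken) beside the hardened ordering (reference taken first and returned if fd installation fails, which is the ordering the upstream fix adopted). The names vm_get, vm_put, device_fd_release, create_device_vulnerable and create_device_fixed are constructed for the model and stand in for the kernel's kvm_get_kvm/kvm_put_kvm and fd handling.

```c
#include <stdbool.h>

/* Constructed model of a VM object whose lifetime is reference counted.
 * The kernel's real object is struct kvm; this is a stand-in for the test. */
struct vm {
    int refcount;
    bool freed;   /* set instead of freeing, so the outcome can be inspected */
};

static void vm_get(struct vm *vm) { vm->refcount++; }

static void vm_put(struct vm *vm) {
    if (--vm->refcount == 0)
        vm->freed = true;   /* last reference gone: object is released */
}

/* Stand-in for close() on the device fd: the fd owns one VM reference. */
static void device_fd_release(struct vm *vm) { vm_put(vm); }

/* Vulnerable ordering: the device fd is installed (and so reachable by other
 * threads) before the device's VM reference is taken. A close() landing in
 * that window releases the caller's only reference, and the late vm_get()
 * operates on a freed object. Returns true if the VM is still alive. */
static bool create_device_vulnerable(struct vm *vm, bool closed_in_window) {
    /* ... device fd installed here ... */
    if (closed_in_window)
        device_fd_release(vm);   /* models the racing close() */
    vm_get(vm);                  /* too late once refcount already hit zero */
    return !vm->freed;
}

/* Hardened ordering: take the reference before the fd is published, and
 * give it back if fd installation fails. A racing close() now only drops
 * the reference the fd legitimately owns. Returns true if the VM is alive. */
static bool create_device_fixed(struct vm *vm, bool closed_in_window,
                                bool install_fails) {
    vm_get(vm);
    if (install_fails) {
        vm_put(vm);              /* undo our own reference, nothing else */
        return !vm->freed;
    }
    /* ... device fd installed here ... */
    if (closed_in_window)
        device_fd_release(vm);
    return !vm->freed;
}
```

Each VM starts with refcount 1, the reference owned by the caller's VM file descriptor; in the vulnerable ordering a close in the window drives it to zero before the device's own reference exists.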