CVE-2017-17741 log

Source
Severity Medium
Remote No
Type Information disclosure
Description
The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.
Group Package Affected Fixed Severity Status Ticket
AVG-992 linux-lts 4.9.76-1 4.9.77-1 Medium Fixed
AVG-574 linux-hardened 4.14.7.a-1 4.14.11.a-1 High Fixed FS#56832
AVG-572 linux-zen 4.14.11-1 4.16.1-1 High Fixed
AVG-567 linux 4.14.11-1 4.16-1 High Fixed
Date Advisory Group Package Severity Description
05 Jan 2018 ASA-201801-4 AVG-574 linux-hardened High multiple issues
References
https://git.kernel.org/linus/e39d200fa5bf5b94a0948db0dae44c1b73b84a56
Notes
Fixed in 4.15