CVE-2017-2583

Severity: Medium
Remote: No
Type: Privilege escalation
Description
The Linux kernel > 3.6-rc1, when built with Kernel-based Virtual Machine (CONFIG_KVM) support, is vulnerable to an incorrect segment selector (SS) value error. The error can occur when loading values into the SS register in long mode.
A user or process inside a guest could use this flaw to crash the guest, resulting in denial of service, or potentially escalate their privileges inside the guest system on an AMD processor.
Group    Package    Affected  Fixed     Severity  Status  Ticket
AVG-151  linux-zen  4.9.4-1   4.9.5-1   Medium    Fixed
AVG-150  linux-lts  4.4.43-1  4.4.44-1  Medium    Fixed
AVG-149  linux      4.9.4-1   4.9.5-1   Medium    Fixed
Date         Advisory      Group    Package    Severity  Description
29 Jan 2017  ASA-201701-38 AVG-151  linux-zen  Medium    privilege escalation
27 Jan 2017  ASA-201701-35 AVG-150  linux-lts  Medium    privilege escalation
27 Jan 2017  ASA-201701-32 AVG-149  linux      Medium    privilege escalation
References
http://seclists.org/oss-sec/2017/q1/137
https://git.kernel.org/linus/33ab91103b3415e12457e3104f0e4517ce12d0f3
Notes
Introduced in 3.6-rc1 according to Debian