CVE-2017-2583 log
| Source |
|
| Severity | Medium |
| Remote | No |
| Type | Privilege escalation |
| Description | The Linux kernel > 3.6-rc1, when built with Kernel-based Virtual Machine (CONFIG_KVM) support, is vulnerable to an incorrect segment selector (SS) value error. It could occur loading values into SS register in long mode. A user/process inside a guest host could use this flaw to crash the guest, resulting in denial of service, or potentially escalate their privileges inside the guest system on an AMD processor. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-151 | linux-zen | 4.9.4-1 | 4.9.5-1 | Medium | Fixed | |
| AVG-150 | linux-lts | 4.4.43-1 | 4.4.44-1 | Medium | Fixed | |
| AVG-149 | linux | 4.9.4-1 | 4.9.5-1 | Medium | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 29 Jan 2017 | ASA-201701-38 | AVG-151 | linux-zen | Medium | privilege escalation |
| 27 Jan 2017 | ASA-201701-35 | AVG-150 | linux-lts | Medium | privilege escalation |
| 27 Jan 2017 | ASA-201701-32 | AVG-149 | linux | Medium | privilege escalation |
| References |
|---|
http://seclists.org/oss-sec/2017/q1/137 https://git.kernel.org/linus/33ab91103b3415e12457e3104f0e4517ce12d0f3 |
| Notes |
|---|
Introduced in 3.6-rc1 according to Debian |