Improper Emulation of MOV SS, NULL Selector Instruction in Linux Kernel Allows Privilege Escalation

Improper Emulation of MOV SS, NULL Selector Instruction in Linux Kernel Allows Privilege Escalation

CVE-2017-2583 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.