Improper Emulation of VMXON Instruction in Linux Kernel Allows Denial of Service

Improper Emulation of VMXON Instruction in Linux Kernel Allows Denial of Service

CVE-2017-2596 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel through 4.9.8 improperly emulates the VMXON instruction, which allows KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.