arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2017-10-11T15:00:00

Updated: 2024-08-05T18:28:16.694Z

Reserved: 2017-08-01T00:00:00

Link: CVE-2017-12188

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2017-10-11T15:29:00.180

Modified: 2024-04-02T18:05:18.423

Link: CVE-2017-12188

cve-icon Redhat

Severity : Important

Publid Date: 2017-10-10T00:00:00Z

Links: CVE-2017-12188 - Bugzilla