CVE-2017-7518
PUBLISHED
A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag (TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception (#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.
EPSS 0.09% · 25.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:14.04:LTS | linux-aws | 4.4.0-1011.11, 4.4.0-1012.12, 4.4.0-1010.10 |
| Ubuntu:Pro:FIPS:16.04:LTS | linux-fips | 4.4.0-1006.6, 0, 4.4.0-1003.3 |
| Ubuntu:24.04:LTS | linux-hwe-6.11 | 6.11.0-24.24~24.04.1, 0, 6.11.0-17.17~24.04.2 |
| Ubuntu:22.04:LTS | linux-riscv | 5.15.0-1017.19, 5.15.0-1019.22, 5.15.0-1020.23 |
| Ubuntu:24.04:LTS | linux-azure-6.11 | 6.11.0-1014.14~24.04.1, 6.11.0-1013.13~24.04.1, 0 |
| Ubuntu:16.04:LTS | linux-gcp | 4.10.0-1008.8, 4.10.0-1009.9, 0 |
| Ubuntu:16.04:LTS | linux-hwe | 4.10.0-42.46~16.04.1, *, * |
| Ubuntu:22.04:LTS | linux-realtime | 5.15.0-1032.35, 0 |
| Ubuntu:24.04:LTS | linux-raspi-realtime | 6.8.0-2019.20, 0 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 0, 5.15.0-1073.75 |
| Ubuntu:Pro:20.04:LTS | linux-azure-fde-5.15 | 5.15.0-1040.47~20.04.1.1, 5.15.0-1039.46~20.04.1.1, 5.15.0-1038.45~20.04.1.1 |
| Ubuntu:14.04:LTS | linux | 3.13.0-137.186, 3.13.0-139.188, 3.13.0-141.190 |
| Ubuntu:20.04:LTS | linux-azure-fde | 5.4.0-1092.97+cvm1.1, 0, 5.4.0-1063.66+cvm2.2 |
| Ubuntu:14.04:LTS | linux-lts-xenial | *, 4.4.0-14.30~14.04.2, 0 |
| Ubuntu:16.04:LTS | linux-aws | 4.4.0-1004.13, 4.4.0-1001.10, 0 |
| Ubuntu:16.04:LTS | linux-snapdragon | 4.4.0-1013.15, 4.4.0-1012.12, 0 |
| Ubuntu:24.04:LTS | linux-lowlatency-hwe-6.11 | *, 0, 6.11.0-1011.12~24.04.1 |
| Ubuntu:20.04:LTS | linux-riscv | 5.4.0-28.32, 5.4.0-27.31, 5.4.0-40.45 |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.4.0-1006.6, 5.3.0-1015.17, 0 |
| Ubuntu:16.04:LTS | linux-kvm | 4.4.0-1015.20, 4.4.0-1017.22, 4.4.0-1019.24 |
…and 4 more
Exploit Intelligence
- jedai47/CVE-2017-16994 (github-poc)
- Exploiting CVE-2016-10277 for Secure Boot and Device Locking bypass (github-poc)
…and 5 more exploits
Timeline
- Jun 23, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-7518 third-party-advisory
- http://www.openwall.com/lists/oss-security/2017/06/23/5 third-party-advisory
- https://www.spinics.net/lists/kvm/msg151817.html third-party-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1464473 third-party-advisory
- https://ubuntu.com/security/notices/USN-3619-1 vendor-advisory
- https://ubuntu.com/security/notices/USN-3619-2 vendor-advisory
- https://ubuntu.com/security/notices/USN-3754-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-7518 third-party-advisory