#VU7206 Privilege escalation in Linux kernel - CVE-2017-7518


| Updated: 2017-11-21

Vulnerability identifier: #VU7206

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-7518

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows an local attacker to gain elevated privileges on the guest system.

The weakness exists due to debug exception error in syscall emulation. A attacker can gain system privileges.

Successful exploitation of the vulnerability results in privilege escalation.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 4.4.90 - 4.4.99, 4.10.0 - 4.11.5

External links
https://www.spinics.net/lists/kvm/msg151817.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c8401dda2f0a00cd25c0af...

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in android-emulator-hypervisor-driver-for-amd-processors
Red Hat update for kernel-rt
Red Hat update for kernel
Debian update for linux
openSUSE update for the Linux Kernel
Privilege escalation in Linux kernel