CVE-2017-8106

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-8106
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8106.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-8106
Downstream
Related
Published
2017-04-24T23:59:00.753Z
Modified
2026-02-22T01:21:32.310605Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
5e01dc7b26d9f24f39abace5da98ccbd6a5ceb52
Last affected
1860e379875dfe7271c649058aeddffe5afd9d0d

Affected versions

v3.*
v3.12
v3.13
v3.13-rc1
v3.13-rc2
v3.13-rc3
v3.13-rc4
v3.13-rc5
v3.13-rc6
v3.13-rc7
v3.13-rc8
v3.14
v3.14-rc1
v3.14-rc2
v3.14-rc3
v3.14-rc4
v3.14-rc5
v3.14-rc6
v3.14-rc7
v3.14-rc8
v3.15
v3.15-rc1
v3.15-rc2
v3.15-rc3
v3.15-rc4
v3.15-rc5
v3.15-rc6
v3.15-rc7
v3.15-rc8

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8106.json"