CVE-2017-12168

EPSS 0.4%CWE-617

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

20 Sep 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR).

Affected products

n/a · Linux kernel before 4.9

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9e3f7a29694049edd728e2400ab57ad7553e5aa9 https://bugzilla.redhat.com/show_bug.cgi?id=1492984 https://github.com/torvalds/linux/commit/9e3f7a29694049edd728e2400ab57ad7553e5aa9 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.11