Oval Definition:	oval:com.ubuntu.xenial:def:20169777000
Revision Date: 2016-12-28 Version: 1 Title: CVE-2016-9777 on Ubuntu 16.04 LTS (xenial) - medium. Description: KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly restrict the VCPU index when I/O APIC is enabled, An attacker in a guest VM could use this to cause a denial of service (system crash) or possibly gain privileges in the host OS. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-9777 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-aws' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-flo' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-gke' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-goldfish' package in xenial is not affected. OR The 'linux-hwe' package in xenial was vulnerable but has been fixed (note: '4.8.0-39.42~16.04.1'). OR The 'linux-hwe-edge' package in xenial was vulnerable but has been fixed (note: '4.8.0-39.42~16.04.1'). OR NOT While related to the CVE in some way, the 'linux-mako' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-raspi2' package in xenial is not affected. OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in xenial is not affected.
BACK