NULL pointer dereference vulnerability in KVM_CHECK_EXTENSION ioctl in Linux kernel

NULL pointer dereference vulnerability in KVM_CHECK_EXTENSION ioctl in Linux kernel

CVE-2017-15306 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl call to /dev/kvm.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.