gVisor Prior to 2018-08-22: Denial of Service Vulnerability via Reused Pagetable

gVisor Prior to 2018-08-22: Denial of Service Vulnerability via Reused Pagetable

CVE-2018-20168 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.

Learn more about our Physical Security Assessment.