Fixed
Created: Nov 26, 2018
Updated: Sep 13, 2022
Resolved Date: Mar 20, 2019
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Kernel
A vulnerability in the kvm_pv_send_ipi function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists in the kvm_pv_send_ipi function, as defined in the arch/x86/kvm/lapic.c source code file of the affected software, and is due to the failure of the Advanced Programmable Interrupt Controller (APIC) map to initialize. An attacker could exploit the vulnerability by accessing the system and executing an application that submits malicious system calls to the affected software. A successful exploit could trigger a NULL pointer dereference, which could result in a DoS condition.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19406
