Not to be fixed
Created: Nov 26, 2018
Updated: Dec 24, 2018
Resolved Date: Dec 18, 2018
Found In Version: 6.0.0.37
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel
A vulnerability in the vcpu_scan_ioapic function of the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists in the vcpu_scan_ioapic function, as defined in the arch/x86/kvm/x86.c source code file of the affected software, and is due to the failure of the I/O Advanced Programmable Interrupt Controller (I/O APIC) to initialize. An attacker could exploit the vulnerability by accessing the system and executing an application that submits malicious system calls to the affected software. A successful exploit could trigger a NULL pointer dereference, which could result in a DoS condition.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19407