CVE-2017-1000407
Kernel: KVM: DoS via write flood to I/O port 0x80
Severity Score
7.4
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
El kernel de Linux en versiones 2.6.32 y posteriores se ha visto afectado por una denegación de servicio (DoS): al inundar el puerto de diagnóstico 0x80 puede ocurrir una excepción que conduce a una situación de pánico del kernel.
Linux kernel Virtualization Module (CONFIG_KVM) for the Intel processor family (CONFIG_KVM_INTEL) is vulnerable to a DoS issue. It could occur if a guest was to flood the I/O port 0x80 with write requests. A guest user could use this flaw to crash the host kernel resulting in DoS.
It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-04-03 CVE Published
- 2017-12-05 CVE Reserved
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-248: Uncaught Exception
- CWE-754: Improper Check for Unusual or Exceptional Conditions
CAPEC
References (19)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/102038 | Third Party Advisory | |
| https://access.redhat.com/security/cve/cve-2017-1000407 | Third Party Advisory | |
| https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2017/12/04/2 | 2019-05-14 | |
| https://www.spinics.net/lists/kvm/msg159809.html | 2019-05-14 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2018:0676 | 2019-05-14 | |
| https://access.redhat.com/errata/RHSA-2018:1062 | 2019-05-14 | |
| https://access.redhat.com/errata/RHSA-2019:1170 | 2019-05-14 | |
| https://usn.ubuntu.com/3583-1 | 2019-05-14 | |
| https://usn.ubuntu.com/3583-2 | 2019-05-14 | |
| https://usn.ubuntu.com/3617-1 | 2019-05-14 | |
| https://usn.ubuntu.com/3617-2 | 2019-05-14 | |
| https://usn.ubuntu.com/3619-1 | 2019-05-14 | |
| https://usn.ubuntu.com/3619-2 | 2019-05-14 | |
| https://usn.ubuntu.com/3632-1 | 2019-05-14 | |
| https://www.debian.org/security/2017/dsa-4073 | 2019-05-14 | |
| https://www.debian.org/security/2018/dsa-4082 | 2019-05-14 | |
| https://access.redhat.com/security/cve/CVE-2017-1000407 | 2019-05-14 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1520328 | 2019-05-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Virtualization Host Search vendor "Redhat" for product "Virtualization Host" | 4.0 Search vendor "Redhat" for product "Virtualization Host" and version "4.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus" | 7.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "7.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Eus Search vendor "Redhat" for product "Enterprise Linux Server Eus" | 7.6 Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "7.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus" | 7.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "7.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.32 < 4.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.32 < 4.15" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 4.15 Search vendor "Linux" for product "Linux Kernel" and version "4.15" | rc1 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 4.15 Search vendor "Linux" for product "Linux Kernel" and version "4.15" | rc2 |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | esm |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 17.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.10" | - |
Affected
| ||||||