|Description||A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
|References||DLA-1930-1, DLA-1940-1, DSA-4531-1|
|NVD severity||high (attack range: local)|
Vulnerable and fixed packages
The table below lists information on source packages.
|linux-4.9 (PTS)||jessie (security)||4.9.189-3+deb9u1~deb8u1||fixed|
The information below is based on the following data on fixed versions.