March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Russian Language Malspam Pushing Shade Ransomware
February 26, 2019Rewterz Threat Alert -WARZONE RAT ( aka Ave Maria RAT) Malware
February 27, 2019Rewterz Threat Alert – Russian Language Malspam Pushing Shade Ransomware
February 26, 2019Rewterz Threat Alert -WARZONE RAT ( aka Ave Maria RAT) Malware
February 27, 2019
Severity
Medium
Analysis Summary
A use-after-free vulnerability was found in the way the Linux kernel’s KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller’s file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system.
Impact
Denial of service
Privilege escalation
System access
Affected Products
- Linux Kernel 3.16.x
- Linux Kernel 4.4.x
- Linux Kernel 4.9.x
- Linux Kernel 4.14.x
- Linux Kernel 4.19.x
- Linux Kernel 4.20.x
Remediation
Update to a fixed version if available.
Versions 4.20.x:
Update to version 4.20.8.
Versions 4.19.x:
Update to version 4.19.21.
Versions 4.14.x:
Update to version 4.14.99.
Versions 4.9.x:
Update to version 4.9.156.
Versions 4.4.x:
Update to version 4.4.176.