vulnerability
Oracle Linux: CVE-2019-3016: ELSA-2020-3010: kernel security, bug fix, and enhancement update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:N/C:P/I:N/A:N) | Jan 30, 2020 | Jul 25, 2020 | Dec 3, 2025 |
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
Jan 30, 2020
Added
Jul 25, 2020
Modified
Dec 3, 2025
Description
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
A flaw was found in the way Linux kernel's KVM hypervisor handled deferred TLB flush requests from guest. A race condition may occur between the guest issuing a deferred TLB flush request to KVM, and then KVM handling and acknowledging it. This may result in invalid address translations from TLB being used to access guest memory, leading to a potential information leakage issue. An attacker may use this flaw to access guest memory locations that it should not have access to.
A flaw was found in the way Linux kernel's KVM hypervisor handled deferred TLB flush requests from guest. A race condition may occur between the guest issuing a deferred TLB flush request to KVM, and then KVM handling and acknowledging it. This may result in invalid address translations from TLB being used to access guest memory, leading to a potential information leakage issue. An attacker may use this flaw to access guest memory locations that it should not have access to.
Solutions
oracle-linux-upgrade-kerneloracle-linux-upgrade-kernel-uek
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.