Vendor: N/A
By: N/A
CVSS: 7.8 (HIGH)
POP SS vulnerability
CWE: 119
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: CVE-2018-8897
CPE: N/A
Metasploit:
https://www.rapid7.com/db/vulnerabilities/redhat_linux-cve-2018-10872/, https://www.rapid7.com/db/vulnerabilities/oracle_linux-cve-2018-10872/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2018-10872/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/alpine-linux-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp2-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/oracle_linux-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/apple-osx-kernel-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp1-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/msft-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp3-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/redhat_linux-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/ubuntu-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2018-8897/, https://www.rapid7.com/db/vulnerabilities/debian-cve-2018-8897/
Other Scripts: N/A
Platforms Tested: VMware
2018
Demo exploitation of the POP SS vulnerability
This exploit leads to unsigned code execution with kernel privileges. For the demo to work, KVA Shadowing should be disabled and the relevant security update should be uninstalled. It may not work under certain hypervisors (like VMware), which discard the pending #DB after INT3.
Mitigation:
Disable KVA Shadowing and uninstall the relevant security update