{"id":"CVE-2018-10853","details":"A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.","modified":"2026-03-15T22:17:08.865241Z","published":"2018-09-11T14:29:01.630Z","related":["MGASA-2018-0296","MGASA-2018-0340","MGASA-2018-0341","SUSE-SU-2018:2341-1","SUSE-SU-2018:2342-1","SUSE-SU-2018:2345-1","SUSE-SU-2018:2346-1","SUSE-SU-2018:2347-1","SUSE-SU-2018:2348-1","SUSE-SU-2018:2349-1","SUSE-SU-2018:2350-1","SUSE-SU-2018:2351-1","SUSE-SU-2018:2352-1","SUSE-SU-2018:2353-1","SUSE-SU-2018:2354-1","SUSE-SU-2018:2355-1","SUSE-SU-2018:2356-1","SUSE-SU-2018:2358-1","SUSE-SU-2018:2359-1","SUSE-SU-2018:2363-1","SUSE-SU-2018:2364-1","SUSE-SU-2018:2367-1","SUSE-SU-2018:2368-1","SUSE-SU-2018:2369-1","SUSE-SU-2018:2387-1","SUSE-SU-2018:2389-1","SUSE-SU-2018:2391-1","SUSE-SU-2018:2413-1","SUSE-SU-2018:2414-1","SUSE-SU-2018:2416-1","SUSE-SU-2018:2450-1","SUSE-SU-2018:2472-1","SUSE-SU-2018:2474-1","SUSE-SU-2018:2538-1","SUSE-SU-2018:2539-1","SUSE-SU-2018:2678-1","SUSE-SU-2018:2684-1","SUSE-SU-2018:2908-1","SUSE-SU-2018:2908-2","SUSE-SU-2018:2933-1","SUSE-SU-2018:2935-1","SUSE-SU-2018:3083-1","SUSE-SU-2018:3084-1","SUSE-SU-2019:1245-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0179"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0103"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3777-1/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2043"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0036"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3777-2/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2029"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10853"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=129a72a0d3c8e139a04512325384fe5ac119e74"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c9fa24ca7c9c47605672916491f79e8ccacb9e6"},{"type":"FIX","url":"https://www.openwall.com/lists/oss-security/2018/09/02/1"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"fixed":"4.18"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10853.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}