{
  "threat_severity" : "Moderate",
  "public_date" : "2016-11-18T00:00:00Z",
  "bugzilla" : {
    "description" : "Kernel: kvm: ARM64: assert failure when accessing PMCCNTR register",
    "id" : "1492984",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1492984"
  },
  "cvss" : {
    "cvss_base_score" : "5.2",
    "cvss_scoring_vector" : "AV:A/AC:M/Au:S/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.2",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-617",
  "details" : [ "The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR).", "An assertion failure issue was found in the Linux kernel's KVM hypervisor module built to support visualization on ARM64 architecture platforms. The failure could occur while accessing Performance Monitors Cycle Count Register (PMCCNTR) from a guest. A privileged guest user could use this flaw to crash the host kernel resulting in denial of service." ],
  "statement" : "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-11-09T00:00:00Z",
    "advisory" : "RHEA-2017:3163",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-alt-0:4.11.0-44.el7a"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Not affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-12168\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-12168" ],
  "name" : "CVE-2017-12168",
  "csaw" : false
}