A vulnerability in the flush_tmregs_to_thread function of the Linux kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path of the affected software. It occurs when the flush_tmregs_to_thread function, defined in the arch/powerpc/kernel/ptrace.c source file, is used. An attacker could exploit this vulnerability from unprivileged userspace during a core dump on a POWER host. A successful exploit could trigger a guest kernel crash, resulting in a DoS condition on the system.
Kernel.org has confirmed the vulnerability and released software updates.
CVE number – CVE-2018-1091
To exploit this vulnerability, an attacker must have local access to the targeted system. This access requirement may reduce the likelihood of a successful exploit.
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to access local systems.
Administrators are advised to monitor affected systems.
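To support the monitoring advice, the following sketch scans kernel log text for oops reports that name flush_tmregs_to_thread and records which process was dumping core. It is an added example, not code from the advisory or from Kernel.org; the sample log is constructed, and the powerpc oops line layout it parses is an assumption.

```python
import re

TARGET = "flush_tmregs_to_thread"  # function named in the advisory
# Constructed sample log, not captured from a real system. The powerpc oops
# layout (Oops:, PID/Comm, NIP [..] sym+off/len, end trace) is an assumption.
SAMPLE_LOG = """\
[  101.000001] Oops: Unrecoverable exception, sig: 6 [#1]
[  101.000002] CPU: 2 PID: 4312 Comm: crashme Not tainted
[  101.000003] NIP [c000000000000001] flush_tmregs_to_thread+0x78/0x80
[  101.000004] LR [c000000000000002] fill_thread_core_info+0x7c/0x3a0
[  101.000005] Call Trace:
[  101.000006] [c0000000f0000000] [c000000000000003] elf_core_dump+0x1a4/0x1200
[  101.000007] ---[ end trace 0000000000000000 ]---
[  250.000001] Oops: Kernel access of bad area, sig: 11 [#2]
[  250.000003] NIP [c000000000000005] some_other_function+0x10/0x40
[  250.000004] ---[ end trace 0000000000000001 ]---
"""

STAMP = re.compile(r"^\[\s*([\d.]+)\]\s*")
COMM = re.compile(r"PID: (\d+) Comm: (\S+)")
SYM = re.compile(r"\]\s+([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def find_core_dump_oopses(log_text, target=TARGET):
    """Return one dict per oops whose NIP, LR or call trace names `target`."""
    hits, cur = [], None
    def close(oops):
        # Keep the report only if the target function shows up in it.
        if oops and target in oops["trace"]:
            hits.append(oops)
    for line in log_text.splitlines():
        m = STAMP.match(line)
        body = line[m.end():] if m else line
        if body.startswith("Oops:"):
            close(cur)  # previous report had no end marker
            cur = {"time": m.group(1) if m else None, "reason": body[5:].strip(),
                   "pid": None, "comm": None, "nip": None, "trace": []}
        elif cur is None:
            continue
        elif body.startswith("---[ end trace"):
            close(cur)
            cur = None
        elif c := COMM.search(body):
            cur["pid"], cur["comm"] = int(c.group(1)), c.group(2)
        elif s := SYM.search(body):
            cur["trace"].append(s.group(1))  # NIP, LR and call-trace symbols
            if body.startswith("NIP ["):
                cur["nip"] = s.group(1)
    close(cur)  # log was truncated mid-report
    return hits
```

Feed it the text of the kernel log from a POWER guest; a hit whose "nip" equals the target function is the crash pattern the advisory describes, and "comm"/"pid" identify the process to investigate.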