suse · CVE-2018-1091

Quick triage

Priority: low Published: 2021-05-30 14:06:50 UTC Updated: 2026-04-17 15:44:20 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-1091 severity low: SUSE including 123 source package names (cluster-md-kmp-default-4.12.14-120.1, cluster-md-kmp-default-4.4.121-92.109.2, …), 423 product×package rows across 92 product lines (SLES for SAP Applications 11 SP3, SUSE CaaS Platform 4.0, … (92 product lines)): Known Not Affected 227, Fixed 196.

Description:

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.

cvelogic Threat Intelligence