CVE-2020-2732 Flaw in KVM Hypervisor

Question

Hello F5,There is the new CVE-2020-2732, a flaw in KVM Hypervisor.See here : https://access.redhat.com/security/cve/cve-2020-2732&nbsp;"A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested(=1) virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to potentially access information of the L1 hypervisor."&nbsp;I cannot find any information from F5 about this CVE.What about Viprion Systems according to this CVE-2020-2732?&nbsp;Thanks for your update.&nbsp;Best regards,Peter

peter_baumann · Answer

,Thanks, I opened a case and today I got the answer that the product development team confirmed that CVE-2020-2732 is not affecting any Big-IP product.

boneyard · Answer

if you have a support contract i would raise a ticket about this, chance on a reply here is small until an official K article is created, which will probably be sooner if tickets get opened on it.

boneyard · Answer

great, thanks for sharing

Forum Discussion

CVE-2020-2732 Flaw in KVM Hypervisor

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

Mitigating OWASP API Security Risk: Injection flaws using F5 XC Platform

North Korean Hackers, Fake Subpoenas, Crypto Laundering, ML Toolkit Flaws, and AndroxGh0st Malware

WordPress + WooCommerce Plugin Design Flaw to RCE

Configuring the KVM hypervisor to run a LineRate guest

Favorite hypervisor for home lab?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS