CVE-2020-2732 Flaw in KVM Hypervisor

Question

Hello F5,There is the new CVE-2020-2732, a flaw in KVM Hypervisor.See here : https://access.redhat.com/security/cve/cve-2020-2732&nbsp;"A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested(=1) virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to potentially access information of the L1 hypervisor."&nbsp;I cannot find any information from F5 about this CVE.What about Viprion Systems according to this CVE-2020-2732?&nbsp;Thanks for your update.&nbsp;Best regards,Peter

peter_baumann · Answer

,Thanks, I opened a case and today I got the answer that the product development team confirmed that CVE-2020-2732 is not affecting any Big-IP product.

boneyard · Answer

if you have a support contract i would raise a ticket about this, chance on a reply here is small until an official K article is created, which will probably be sooner if tickets get opened on it.

boneyard · Answer

great, thanks for sharing

Forum Discussion

CVE-2020-2732 Flaw in KVM Hypervisor

3 Replies

Recent Discussions

Advise on setting up IRULE

google autenticator broken barcode

Port Group on F5OS network setting

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Unwinding the Benefits of Investing in White Label Crypto Wallet

Related Content

Mitigating OWASP API Security Risk: Injection flaws using F5 XC Platform

WordPress + WooCommerce Plugin Design Flaw to RCE

Favorite hypervisor for home lab?

Configuring the KVM hypervisor to run a LineRate guest

Where do I register to receive F5 flaw and vulnerabilities alerts