Published: 17/05/2012 Updated: 05/01/2018

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 437

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

The KVM implementation in the Linux kernel prior to 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Moderate: kvm security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kvm packages that fix two security issues and one bug are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

Several security issues were fixed in the kernel ...

CWE-264 https://bugzilla.redhat.com/show_bug.cgi?id=814149 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4 http://www.openwall.com/lists/oss-security/2012/04/19/16 https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195 http://www.securitytracker.com/id?1027083 http://rhn.redhat.com/errata/RHSA-2012-0743.html http://www.ubuntu.com/usn/USN-1577-1 http://secunia.com/advisories/50732 http://www.ubuntu.com/usn/USN-2037-1 http://www.ubuntu.com/usn/USN-2036-1 http://rhn.redhat.com/errata/RHSA-2012-0676.html https://access.redhat.com/errata/RHSA-2012:0676 https://nvd.nist.gov https://usn.ubuntu.com/1577-1/https://www.debian.org/security/./dsa-2668

CVE-2012-2121

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect