Published: 22/01/2013 Updated: 13/02/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 170

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

The KVM subsystem in the Linux kernel prior to 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.6.7
linux linux kernel 3.6.2
linux linux kernel 3.6.6
linux linux kernel
linux linux kernel 3.6.4
linux linux kernel 3.6.1
linux linux kernel 3.6
linux linux kernel 3.6.3
linux linux kernel 3.6.5

Synopsis Moderate: kernel security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated kernel packages that fix three security issues and several bugs arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity im ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

It was found that a deadlock could occur in the Out of Memory (OOM) killer A process could trigger this deadlock by consuming a large amount of memory, and then causing request_module() to be called A local, unprivileged user could use this flaw to cause a denial of service (excessive memory consumption) (CVE-2012-4398) A flaw was found in the w ...

Several security issues were fixed in the kernel ...

USN-1699-1 introduced a regression in the Linux kernel ...

Several security issues were fixed in the kernel ...

USN-1696-1 introduced a regression in the Linux kernel ...

USN-1704-1 introduced a regression in the Linux kernel ...

NVD-CWE-noinfo http://www.openwall.com/lists/oss-security/2012/11/06/14 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.9 http://article.gmane.org/gmane.comp.emulators.kvm.devel/100742 https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html https://bugzilla.redhat.com/show_bug.cgi?id=862900 http://www.securityfocus.com/bid/56414 http://rhn.redhat.com/errata/RHSA-2013-0223.html http://secunia.com/advisories/51160 http://rhn.redhat.com/errata/RHSA-2013-0882.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git%3Ba=commit%3Bh=6d1068b3a98519247d8ba4ec85cd40ac136dbdf9 https://access.redhat.com/errata/RHSA-2013:0223 https://nvd.nist.gov https://usn.ubuntu.com/1689-1/https://www.debian.org/security/./dsa-2668

CVE-2012-4461

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect