Published: 22/03/2013 Updated: 13/02/2023

CVSS v2 Base Score: 6.8 | Impact Score: 10 | Exploitability Score: 3.2

VMScore: 606

Vector: AV:A/AC:H/Au:N/C:C/I:C/A:C

The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel up to and including 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.8.2
linux linux kernel 3.8.0
linux linux kernel
linux linux kernel 3.8.1
linux linux kernel 3.8.3

Synopsis Important: rhev-hypervisor6 security and bug fix update Type/Severity Security Advisory: Important Topic An updated rhev-hypervisor6 package that fixes several security issues andvarious bugs is now availableThe Red Hat Security Response Team has rated this update as havingimportant security impac ...

Synopsis Important: kvm security update Type/Severity Security Advisory: Important Topic Updated kvm packages that fix three security issues are now available forRed Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerability Scori ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

Several security issues were fixed in the kernel ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-0160 vladz reported a timing leak with the /dev/ptmx character device A local user could use this to d ...

CWE-119 https://github.com/torvalds/linux/commit/c300aa64ddf57d9c5d9c898a64b36877345dd4a9 http://www.openwall.com/lists/oss-security/2013/03/20/9 https://bugzilla.redhat.com/show_bug.cgi?id=917012 http://www.ubuntu.com/usn/USN-1813-1 http://www.ubuntu.com/usn/USN-1812-1 http://rhn.redhat.com/errata/RHSA-2013-0744.html http://rhn.redhat.com/errata/RHSA-2013-0727.html http://www.ubuntu.com/usn/USN-1809-1 http://rhn.redhat.com/errata/RHSA-2013-0746.html http://www.ubuntu.com/usn/USN-1805-1 http://www.ubuntu.com/usn/USN-1808-1 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html http://rhn.redhat.com/errata/RHSA-2013-0928.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://rhn.redhat.com/errata/RHSA-2013-1026.html http://www.securityfocus.com/bid/58607 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c300aa64ddf57d9c5d9c898a64b36877345dd4a9 https://access.redhat.com/errata/RHSA-2013:0746 https://nvd.nist.gov https://usn.ubuntu.com/1808-1/

CVE-2013-1796

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect