Published: 22/03/2013 Updated: 13/02/2023

CVSS v2 Base Score: 6.2 | Impact Score: 9.2 | Exploitability Score: 3.2

VMScore: 553

Vector: AV:A/AC:H/Au:N/C:C/I:N/A:C

The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel up to and including 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.8.2
linux linux kernel 3.8.0
linux linux kernel
linux linux kernel 3.8.1
linux linux kernel 3.8.3

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-2121 Benjamin Herrenschmidt and Jason Baron discovered issues with the IOMMU mapping of memory slots us ...

Synopsis Important: rhev-hypervisor6 security and bug fix update Type/Severity Security Advisory: Important Topic An updated rhev-hypervisor6 package that fixes several security issues andvarious bugs is now availableThe Red Hat Security Response Team has rated this update as havingimportant security impac ...

Synopsis Important: kvm security update Type/Severity Security Advisory: Important Topic Updated kvm packages that fix three security issues are now available forRed Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerability Scori ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

Several security issues were fixed in the kernel ...

CWE-20 http://www.openwall.com/lists/oss-security/2013/03/20/9 https://github.com/torvalds/linux/commit/a2c118bfab8bc6b8bb213abfc35201e441693d55 https://bugzilla.redhat.com/show_bug.cgi?id=917017 http://www.ubuntu.com/usn/USN-1813-1 http://www.ubuntu.com/usn/USN-1812-1 http://rhn.redhat.com/errata/RHSA-2013-0744.html http://rhn.redhat.com/errata/RHSA-2013-0727.html http://www.ubuntu.com/usn/USN-1809-1 http://rhn.redhat.com/errata/RHSA-2013-0746.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html http://rhn.redhat.com/errata/RHSA-2013-0928.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://rhn.redhat.com/errata/RHSA-2013-1026.html http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2c118bfab8bc6b8bb213abfc35201e441693d55 https://www.debian.org/security/./dsa-2668 https://nvd.nist.gov https://usn.ubuntu.com/1877-1/

CVE-2013-1798

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect