The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel up to and including 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 3.8.2 |
||
linux linux kernel 3.8.0 |
||
linux linux kernel |
||
linux linux kernel 3.8.1 |
||
linux linux kernel 3.8.3 |