Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-1797

Опубликовано: 20 мар. 2013
Источник: redhat
CVSS2: 6.5
EPSS Низкий

Описание

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.

Отчет

This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG as they did not provide support for the KVM subsystem.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 5kvmAffected
Red Hat Enterprise MRG 2realtime-kernelNot affected
Red Hat Enterprise Linux 5kvmFixedRHSA-2013:072709.04.2013
Red Hat Enterprise Linux 6kernelFixedRHSA-2013:074423.04.2013
Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node OnlykernelFixedRHSA-2013:102609.07.2013
Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node OnlykernelFixedRHSA-2013:092811.06.2013
RHEV 3.X Hypervisor and Agents for RHEL-6rhev-hypervisor6FixedRHSA-2013:074623.04.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=917013kernel: kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME

EPSS

Процентиль: 77%
0.0111
Низкий

6.5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-1797

ubuntu
больше 12 лет назад

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.

nvd логотип

CVE-2013-1797

nvd
больше 12 лет назад

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.

debian логотип

CVE-2013-1797

debian
больше 12 лет назад

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel ...

github логотип

GHSA-3fq7-5q53-mpg7

github
больше 3 лет назад

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.

oracle-oval логотип

ELSA-2013-0727

oracle-oval
больше 12 лет назад

ELSA-2013-0727: kvm security update (IMPORTANT)

EPSS

Процентиль: 77%
0.0111
Низкий

6.5 Medium

CVSS2