Описание
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
Отчет
This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG as they did not provide support for the KVM subsystem.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 5 | kvm | Affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Not affected | ||
| Red Hat Enterprise Linux 5 | kvm | Fixed | RHSA-2013:0727 | 09.04.2013 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2013:0744 | 23.04.2013 |
| Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only | kernel | Fixed | RHSA-2013:1026 | 09.07.2013 |
| Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only | kernel | Fixed | RHSA-2013:0928 | 11.06.2013 |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | rhev-hypervisor6 | Fixed | RHSA-2013:0746 | 23.04.2013 |
Показывать по
Дополнительная информация
Статус:
6.5 Medium
CVSS2
Связанные уязвимости
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel ...
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation.
6.5 Medium
CVSS2