Lucene search

[email protected]CVE-2012-1601

HistoryMay 17, 2012 - 11:00 a.m.

CVE-2012-1601

2012-05-1711:00:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2012-1601

kvm

linux kernel

denial of service

nvd

5.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.0%

JSON

The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle3.3.5

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	3.3.5

References

lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html

rhn.redhat.com/errata/RHSA-2012-0571.html

rhn.redhat.com/errata/RHSA-2012-0676.html

secunia.com/advisories/49928

www.debian.org/security/2012/dsa-2469

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6

www.openwall.com/lists/oss-security/2012/03/30/1

www.securitytracker.com/id?1026897

bugzilla.redhat.com/show_bug.cgi?id=808199

github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef

www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html

5.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

26.0%

JSON

Related for CVE-2012-1601

prion1 seebug1 ubuntucve1 nessus23 oraclelinux5 openvas55 redhat2 centos2 ubuntu10 securityvulns2 debian1 osv1 fedora12 suse2